CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Details : CVE-2006-1688

Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis. NOTE: this only occurs when register_globals is disabled.
Publish Date : 2006-04-10 Last Update Date : 2011-09-08
Search Twitter   Search YouTube   Search Google

- CVSS Scores & Vulnerability Types

CVSS Score
7.5
Confidentiality Impact Partial (There is considerable informational disclosure.)
Integrity Impact Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access User
Vulnerability Type(s) Execute CodeFile Inclusion
CWE ID 94

- Products Affected By CVE-2006-1688

# Product Type Vendor Product Version Update Edition Language
1 Application Squery Squery 4.5 Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Squery Squery 1

- References For CVE-2006-1688

http://liz0zim.no-ip.org/alp.txt
http://www.securityfocus.com/bid/17434
BID 17434 SQuery LibPath Parameter Multiple Remote File Include Vulnerabilities Release Date:2006-07-25
http://www.securityfocus.com/archive/1/archive/1/441015/100/0/threaded
BUGTRAQ 20060724 SQuery v.x (devi.php) (armygame.php) Remote File Inclusion
http://www.securityfocus.com/archive/1/archive/1/439874/100/0/threaded
BUGTRAQ 20060710 SQuery <= 4.5(libpath) Remote File Inclusion Exploit
http://www.securityfocus.com/archive/1/archive/1/430289/100/0/threaded
BUGTRAQ 20060408 Autonomous LAN party File iNclusion
http://securitytracker.com/id?1015884
SECTRACK 1015884
http://securityreason.com/securityalert/679
SREASON 679
http://secunia.com/advisories/19588
SECUNIA 19588
http://secunia.com/advisories/19482
SECUNIA 19482
http://www.blogcu.com/Liz0ziM/431845/
http://www.osvdb.org/24401
OSVDB 24401
http://www.osvdb.org/24402
OSVDB 24402
http://www.osvdb.org/24403
OSVDB 24403
http://www.osvdb.org/24404
OSVDB 24404
http://www.osvdb.org/24405
OSVDB 24405
http://www.osvdb.org/24406
OSVDB 24406
http://www.osvdb.org/24407
OSVDB 24407
http://www.osvdb.org/24408
OSVDB 24408
http://www.osvdb.org/24409
OSVDB 24409
http://www.osvdb.org/24410
OSVDB 24410
http://www.osvdb.org/24411
OSVDB 24411
http://www.osvdb.org/24412
OSVDB 24412
http://www.osvdb.org/24413
OSVDB 24413
http://www.osvdb.org/24414
OSVDB 24414
http://www.osvdb.org/24415
OSVDB 24415
http://www.osvdb.org/24422
OSVDB 24422
http://www.osvdb.org/24421
OSVDB 24421
http://www.osvdb.org/24420
OSVDB 24420
http://www.osvdb.org/24419
OSVDB 24419
http://www.osvdb.org/24418
OSVDB 24418
http://www.osvdb.org/24417
OSVDB 24417
http://www.osvdb.org/24416
OSVDB 24416
http://www.osvdb.org/24426
OSVDB 24426
http://www.osvdb.org/24425
OSVDB 24425
http://www.osvdb.org/24424
OSVDB 24424
http://www.osvdb.org/24423
OSVDB 24423
http://www.osvdb.org/24428
OSVDB 24428
http://www.osvdb.org/24427
OSVDB 24427
http://www.osvdb.org/24429
OSVDB 24429
http://www.vupen.com/english/advisories/2006/1284
VUPEN ADV-2006-1284

- Metasploit Modules Related To CVE-2006-1688

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)


CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.