CVE-2005-0269

Published: May 2, 2005Modified: Apr 16, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.

Affected (1)

Products: Sir: Gnuboard

Sir

1 product

Gnuboard

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sir Gnuboard	Up to 3.40

Related CWEs

CWE-178

Improper Handling of Case Sensitivity

The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.

References (8)

http://marc.info/?l=bugtraq&m=110477648219738&w=2

Source: cve@mitre.org

ExploitMailing List

http://secunia.com/advisories/13711

Source: cve@mitre.org

Broken Link

http://www.securityfocus.com/bid/12149

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/18729

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://marc.info/?l=bugtraq&m=110477648219738&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing List

http://secunia.com/advisories/13711

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.securityfocus.com/bid/12149

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/18729

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.