{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-06-03T00:00:00", "descriptions": [{"lang": "en", "value": "Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an \"input check\" that \"is not implemented properly.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "17028", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/17028"}, {"name": "15372", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/15372"}, {"name": "20050603 [DRUPAL-SA-2005-001] New Drupal release fixes critical security issue", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0010.html"}, {"name": "20050603 [DRUPAL-SA-2005-001] New Drupal release fixes critical security issue", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=111782257601422&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-1871", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an \"input check\" that \"is not implemented properly.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "17028", "refsource": "OSVDB", "url": "http://www.osvdb.org/17028"}, {"name": "15372", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/15372"}, {"name": "20050603 [DRUPAL-SA-2005-001] New Drupal release fixes critical security issue", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0010.html"}, {"name": "20050603 [DRUPAL-SA-2005-001] New Drupal release fixes critical security issue", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=111782257601422&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:06:57.490Z"}, "title": "CVE Program Container", "references": [{"name": "17028", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/17028"}, {"name": "15372", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/15372"}, {"name": "20050603 [DRUPAL-SA-2005-001] New Drupal release fixes critical security issue", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0010.html"}, {"name": "20050603 [DRUPAL-SA-2005-001] New Drupal release fixes critical security issue", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=111782257601422&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-1871", "datePublished": "2005-06-07T04:00:00", "dateReserved": "2005-06-08T00:00:00", "dateUpdated": "2024-08-07T22:06:57.490Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "EBFF99BC-5E1D-4ADA-8BE7-07F7761C972C", "vulnerable": true}, {"criteria": "cpe:2.3:a:drupal:drupal:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA805CAF-A678-43A9-932D-EE35DBCCA793", "vulnerable": true}, {"criteria": "cpe:2.3:a:drupal:drupal:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "18331C39-0ACE-4651-9D9F-1533AAD7C58C", "vulnerable": true}, {"criteria": "cpe:2.3:a:drupal:drupal:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "5093F703-13AA-4EEC-8659-C5EB29A54AA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:drupal:drupal:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "82317650-F136-446D-904D-354B4D26E91B", "vulnerable": true}, {"criteria": "cpe:2.3:a:drupal:drupal:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "06A1ACAF-A468-43F0-9FAD-FA3D48363843", "vulnerable": true}, {"criteria": "cpe:2.3:a:drupal:drupal:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "95DA206C-EF72-4379-9ED8-795FCAD0BE19", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an \"input check\" that \"is not implemented properly.\""}], "id": "CVE-2005-1871", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-06-09T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0010.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=111782257601422&w=2"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/15372"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/17028"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0010.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=111782257601422&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/15372"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/17028"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}