{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-07-29T00:00:00", "descriptions": [{"lang": "en", "value": "The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20060729 Re: PHP ip2long() function circumvention", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/441708/100/100/threaded"}, {"name": "20060729 PHP ip2long() function circumvention", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/441529/100/100/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://retrogod.altervista.org/php_ip2long.htm"}, {"name": "1016609", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016609"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2006-4023", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20060729 Re: PHP ip2long() function circumvention", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/441708/100/100/threaded"}, {"name": "20060729 PHP ip2long() function circumvention", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/441529/100/100/threaded"}, {"name": "http://retrogod.altervista.org/php_ip2long.htm", "refsource": "MISC", "url": "http://retrogod.altervista.org/php_ip2long.htm"}, {"name": "1016609", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016609"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:57:43.861Z"}, "title": "CVE Program Container", "references": [{"name": "20060729 Re: PHP ip2long() function circumvention", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/441708/100/100/threaded"}, {"name": "20060729 PHP ip2long() function circumvention", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/441529/100/100/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://retrogod.altervista.org/php_ip2long.htm"}, {"name": "1016609", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016609"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4023", "datePublished": "2006-08-09T00:00:00", "dateReserved": "2006-08-08T00:00:00", "dateUpdated": "2024-08-07T18:57:43.861Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner."}, {"lang": "es", "value": "La funci\u00f3n ip2long en PHP 5.1.4 y anteriores puede validar incorrectamente una cadena de su elecci\u00f3n y devolver una direcci\u00f3n IP, la cual permite a atacantes remotos obtener informaci\u00f3n y facilitar otros ataques, como se demostr\u00f3 usando inyecci\u00f3n SQL en la cabecera X-FORWARDED-FOR en index.php en MiniBB 2.0. NOTA: podr\u00eda discutirse que el funcionamiento ip2long representa un riesgo para los asuntos de seguridad relevantes en la medida que es similar al papel de los strcpy en el desbordamiento de b\u00fafer, en cuyo caso esto podr\u00eda ser un tipo de bug de implementaci\u00f3n que requerir\u00eda separar los asuntos CVE para cada aplicaci\u00f3n PHP que utiliza ip2long en una manera se seguridad relevante."}], "id": "CVE-2006-4023", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-08-09T00:04:00.000", "references": [{"source": "[email protected]", "tags": ["Exploit"], "url": "http://retrogod.altervista.org/php_ip2long.htm"}, {"source": "[email protected]", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1016609"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/441529/100/100/threaded"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/441708/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://retrogod.altervista.org/php_ip2long.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1016609"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/441529/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/441708/100/100/threaded"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "php: Improper validation of strings in ip2long function (remote attackers able to obtain network information and facilitate other attacks)", "id": "920517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920517"}, "csaw": false, "cvss": {"cvss_base_score": "2.6", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "status": "draft"}, "cwe": "CWE-20", "details": ["The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner."], "name": "CVE-2006-4023", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "php", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "php53", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "php", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2006-07-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2006-4023\nhttps://nvd.nist.gov/vuln/detail/CVE-2006-4023"], "threat_severity": "Low"}