Skip to content

Commit 46c8dd2

Browse files
committed
add: AVE-2005-0006
1 parent 1dc4080 commit 46c8dd2

1 file changed

Lines changed: 45 additions & 0 deletions

File tree

vulns/2005/AVE-2005-0006.toml

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
[basic]
2+
description = "SAP Web Application Server 6.10 至 7.00 版本的 BSP 运行环境中的 frameset.htm 存在 URI 重定向漏洞。远程攻击者可通过向 sap-sessioncmd 参数传递 close 命令、同时在 sap-exiturl 参数中构造恶意 URL,诱使已登录用户退出系统并重定向至任意外部网站,从而实施钓鱼攻击。该漏洞影响 SAP Web Application Server 6.x 及 7.0 系列版本,CVSS 评分 5.0,危害等级中危。厂商已发布安全补丁,建议用户升级至修复版本。"
3+
published = "2005-11-16T21:22:00.000"
4+
remediation = "建议升级 SAP Web Application Server 至 7.00 之后的补丁版本,安装对应 SAP Security Note 修复包。如无法升级,可在 SAP Web Dispatcher 或反向代理层配置 URL 过滤规则,拦截包含 sap-sessioncmd=close 及 sap-exiturl 参数的外部请求,同时加强对 exiturl 参数的白名单校验以防止未授权重定向。"
5+
score = 5
6+
severity = "MEDIUM"
7+
sources = ["nuclei"]
8+
title = "SAP Web Application Server URI 重定向漏洞"
9+
updated = "2026-06-16T22:17:18.450"
10+
11+
[exploit]
12+
exp_urls = []
13+
poc_urls = []
14+
15+
[id]
16+
aliases = ["CVE-2005-3634"]
17+
ave_id = "AVE-2005-0006"
18+
19+
[meta]
20+
collected_at = "2026-07-15T00:00:00Z"
21+
status = "completed"
22+
23+
[references]
24+
urls = [
25+
"http://marc.info/?l=bugtraq&m=113156525006667&w=2",
26+
"http://secunia.com/advisories/17515/",
27+
"http://securityreason.com/securityalert/163",
28+
"http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Multiple_XSS_in_SAP_WAS.pdf",
29+
"http://www.securityfocus.com/bid/15362",
30+
"http://www.securitytracker.com/alerts/2005/Nov/1015174.html",
31+
"http://www.vupen.com/english/advisories/2005/2361",
32+
"https://exchange.xforce.ibmcloud.com/vulnerabilities/23031",
33+
"https://www.exploit-db.com/exploits/26488",
34+
"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2005/CVE-2005-3634.yaml",
35+
"https://github.com/trickest/cve/blob/a90de4f84b4783951362f491671e1e9decfc17cb/2005/CVE-2005-3634.md",
36+
"https://github.com/projectdiscovery/nuclei-templates/blob/69a5a3cf926251a00061ec14d208b227367df73d/http/cves/2005/CVE-2005-3634.yaml",
37+
"https://github.com/CVEProject/cvelistV5/blob/8aea42c71147e21c6d32b71ffce877107de995c6/cves/2005/3xxx/CVE-2005-3634.json",
38+
"https://github.com/adampielak/nuclei-templates/blob/ac9605f5a915670fd80cb4e1904f4435f1835b65/nuclei-v3/C/CVE-2005-3634_4.yaml",
39+
"https://github.com/youki992/VscanPlus/blob/714a0e276a538a22c1a6215c71458a8b59a920ef/pocs_yml/nucleiFiles/http/cves/2005/CVE-2005-3634.yaml",
40+
"https://github.com/rix4uni/nucleihub-templates/blob/579a0234551b9e0e322460a62dc77bd6109e4aff/nucleihub-templates/CVE-2005-3634_4.yaml",
41+
"https://github.com/adampielak/nuclei-templates/blob/ac9605f5a915670fd80cb4e1904f4435f1835b65/nuclei-v3/C/CVE-2005-3634_7.yaml",
42+
"https://github.com/elijah-bennett0/IntentLimit/blob/bcfe225cf61ee454aa53896f7f3120246f52119f/tools/exploitation/GoldenBullet/exploits/cve_2005_3634/cve_2005_3634.py",
43+
"https://github.com/rjp2525/cve-data/blob/2f3ce5ef3a11f37d0a2e7d88f12b74499612a438/2005/CVE-2005-3634.json",
44+
"https://github.com/daffainfo/cvelist/blob/37b3071167a2a3fb5757922e970775326b735d8f/cves/2005/3xxx/CVE-2005-3634.json",
45+
]

0 commit comments

Comments
 (0)