Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1051

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1051
Last Modified 05 Sep 2008 04:25:33
Published 02 Oct 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1051

Summary

Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Vulnerable Systems

Application

  • Dark Hart Portal Darkportal-unix 0.1.16

  • Dark Hart Portal Darkportal-unix 0.1.17

  • Dark Hart Portal Darkportal-unix 0.1.18


References

BUGTRAQ - 20011002 results of semi-automatic source code audit

XF - php-includedir-code-execution(7215)

BID - 3390

MISC - http://sourceforge.net/tracker/index.php?func=detail&aid=440666&group_id=20971&atid=120971


Last Updated: 27 May 2016 10:36:30