Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0772

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2002-0772
Last Modified 05 Sep 2008 04:28:54
Published 12 Aug 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0772

Summary

Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter.

Vulnerable Systems

Application

  • Hosting Controller 1.1

  • Hosting Controller 1.3

  • Hosting Controller 1.4

  • Hosting Controller 1.4.1

  • Hosting Controller 1.4b


References

BID - 4759

BUGTRAQ - 20020517 Hosting Controller still have dangerous bugs!

XF - hosting-controller-dsnmanager-traversal(9104)


Last Updated: 27 May 2016 10:37:04