Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1678


Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1678
Last Modified 05 Sep 2008 04:42:03
Published 13 Sep 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs.

Vulnerable Systems


  • Logicnow Perldesk


XF - perldesk-directory-traversal(19712)

SECUNIA - 12512

BID - 11160

BUGTRAQ - 20040912 Posible Inclusion File in Perl Desk

Last Updated: 27 May 2016 10:39:08