Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2464

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2464
Last Modified 06 Feb 2009 12:36:37
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2464

Summary

Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded "..//" sequences ("%2e%2e%2f%2f"). NOTE: it was later reported that 0.6.21 and earlier is also affected.

Vulnerable Systems

Application

  • Ada Imgsvr 0.4


References

BID - 10048

BUGTRAQ - 20071224 Double directory traversal in ImgSvr 0.6.21

OSVDB - 4946

SECUNIA - 11287

MISC - http://members.lycos.co.uk/r34ct/main/ADA%20Image%20Server%20(ImgSvr)%200.4.txt

XF - imgsvr-dotdot-directory-traversal(16680)


Last Updated: 27 May 2016 10:39:29