Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1201


Vulnerability Score 6.4 6.4
CVE Id CVE-2005-1201
Last Modified 05 Sep 2008 04:48:30
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple directory traversal vulnerabilities in AZ Bulletin board (AZbb) before 1.0.08 allow (1) remote authenticated users with administrative privileges to delete arbitrary files via a .. (dot dot) in the URL to admin_avatar.php or admin_attachment.php or (2) remote attackers to enumerate files via a .. (dot dot) in the attachment parameter to attachment.php, which displays a different message when a file exists or does not exist.

Vulnerable Systems


SECUNIA - 15013


XF - az-bulletin-board-file-existence(20183)

XF - az-bulletin-board-file-modification(20180)

OSVDB - 15702

OSVDB - 15701


BUGTRAQ - 20050420 Multiple Security Issues Found In AZBB

Last Updated: 27 May 2016 10:40:05