Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1884

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2005-1884
Last Modified 05 Sep 2008 04:50:20
Published 09 Jun 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1884

Summary

Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. (dot dot) in the dir parameter.

Vulnerable Systems

Application

  • Yapig 0.92b

  • Yapig 0.93u

  • Yapig 0.94u


References

BID - 13877

OSVDB - 17120

MISC - http://secwatch.org/advisories/secwatch/20050530_yapig.txt

SECTRACK - 1014103

SECUNIA - 15600


Last Updated: 27 May 2016 10:40:20