Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2538

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2538
Last Modified 05 Sep 2008 04:52:01
Published 10 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2538

Summary

FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via (1) a null byte or (2) an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1 in the mod parameter.

Vulnerable Systems

Application

  • Flatnuke 2.5.5


References

MISC - http://www.rgod.altervista.org/flatnuke.html

BUGTRAQ - 20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands

OSVDB - 18550

SECUNIA - 16330


Last Updated: 27 May 2016 10:40:33