Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2609

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2609
Last Modified 05 Sep 2008 04:52:12
Published 17 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2609

Summary

index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter.

Vulnerable Systems

Application

  • Vegadns 0.8.1

  • Vegadns 0.9.8


References

MISC - http://www.packetstormsecurity.org/0508-exploits/vegadns-dyn0.txt

SECUNIA - 16370

CONFIRM - http://vegadns.org/src/current/CHANGELOG


Last Updated: 27 May 2016 10:40:34