Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4202

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4202
Last Modified 07 Mar 2011 09:27:50
Published 13 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4202

Summary

Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j allow remote attackers to access arbitrary files via (1) .. (dot dot), (2) "..." (triple dot), and (3) "..//" sequences in the URL, (4) "../" sequences in the source parameter to viewsource.jsp, or (5) "..\" (dot dot backslash) sequences in the NS-query-pat paramter to the search URL. URL.

Vulnerable Systems

Application

  • Logisphere 0.9.9j


References

XF - logisphere-dotdot-directory-traversal(23552)

VUPEN - ADV-2005-2840

BID - 15807

MISC - http://www.ipomonis.com/advisories/logisphere_server.zip

SECUNIA - 17989


Last Updated: 27 May 2016 10:41:12