Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1621

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2006-1621
Last Modified 05 Sep 2008 05:02:24
Published 05 Apr 2006 06:04:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-1621

Summary

Directory traversal vulnerability in admin/folders/saveuploadfiles.asp in Hosting Controller 2002 RC 1 allows remote authenticated users to overwrite arbitrary files via an absolute path in the OpenPath parameter.

Vulnerable Systems

Application

  • Hosting Controller 2002 Rc 1


References

BUGTRAQ - 20060402 Hosting Controller AccountActions.asp and saveuploadfiles.asp vulns (PoC)

XF - hosting-controller-Saveupload-file-upload(25675)

OSVDB - 24772


Last Updated: 27 May 2016 10:42:09