Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4220

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2007-4220
Last Modified 07 Mar 2011 09:58:00
Published 28 Aug 2007 09:17:00
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4220

Summary

Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services.

Vulnerable Systems

Application

  • Motorola Timbuktu 8.6.3.1367


References

BID - 25453

IDEFENSE - 20070827 Motorola Timbuktu Pro Directory Traversal Vulnerability

VUPEN - ADV-2007-2990

SECUNIA - 26588

CONFIRM - ftp://ftp-xo.netopia.com/evaluation/docs/timbuktu/win/865/relnotes/TB2Win865Evalrn.pdf

XF - timbuktu-send-directory-traversal(36273)

SECTRACK - 1018614


Last Updated: 27 May 2016 10:45:48