Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1281

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-1281
Last Modified 07 Mar 2011 10:06:27
Published 10 Mar 2008 07:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1281

Summary

Directory traversal vulnerability in TFTPsrvs.exe 2.5.3.1 and earlier, as used in Argon Technology Client Management Services (CMS) 1.31 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.

Vulnerable Systems

Application

  • Argontechnology Client Management Services 1.31


References

XF - argoncms-tftpsrvs-directory-traversal(41076)

VUPEN - ADV-2008-0815

BID - 28160

BUGTRAQ - 20080310 Directory traversal in Argon Client Management Services 1.31

MILW0RM - 5230

SECUNIA - 29302

MISC - http://aluigi.altervista.org/adv/argonauti-adv.txt


Last Updated: 27 May 2016 10:47:06