Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1410

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1410
Last Modified 07 Mar 2011 10:07:03
Published 20 Mar 2008 06:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1410

Summary

Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service.

Vulnerable Systems

Application

  • Acronis Snap Deploy 2.0.0.1076


References

XF - acronissnap-pxeserver-directory-traversal(41074)

VUPEN - ADV-2008-0814

BID - 28182

BUGTRAQ - 20080310 Directory traversal and NULL pointer in Acronis PXE Server 2.0.0.1076

MILW0RM - 5228

SECUNIA - 29305

MISC - http://aluigi.altervista.org/adv/acropxe-adv.txt

SREASON - 3758


Last Updated: 27 May 2016 10:47:08