Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6129

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-6129
Last Modified 19 Aug 2009 01:23:10
Published 13 Feb 2009 01:30:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-6129

Summary

Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.

Vulnerable Systems

Application

  • Mozilowiki 0.10

  • Mozilowiki 0.7

  • Mozilowiki 0.8

  • Mozilowiki 0.9

  • Mozilowiki 1.0.0

  • Mozilowiki 1.0.1


References

CONFIRM - http://wiki.mozilo.de/index.php?page=Changelog

XF - mozilowiki-print-directory-traversal(45523)

BID - 31493

SECUNIA - 32024

BUGTRAQ - 20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues


Last Updated: 27 May 2016 10:49:04