Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6273

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2008-6273
Last Modified 09 Jun 2009 01:30:29
Published 25 Feb 2009 11:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2008-6273

Summary

Directory traversal vulnerability in configuration_script.php in MyKtools 3.0 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the langage parameter, a different vulnerability than CVE-2008-4781. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Myktools 3.0


References

XF - myktools-configurationscript-file-include(48957)

SECUNIA - 32432


Last Updated: 27 May 2016 10:49:08