Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6423

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-6423
Last Modified 02 Apr 2009 01:43:27
Published 06 Mar 2009 01:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6423

Summary

Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 RC3 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the site_id parameter.

Vulnerable Systems

Application

  • I-apps Passwiki 0.9.10

  • I-apps Passwiki 0.9.11

  • I-apps Passwiki 0.9.12

  • I-apps Passwiki 0.9.13

  • I-apps Passwiki 0.9.14

  • I-apps Passwiki 0.9.15

  • I-apps Passwiki 0.9.16

  • I-apps Passwiki 0.9.3

  • I-apps Passwiki 0.9.5

  • I-apps Passwiki 0.9.6

  • I-apps Passwiki 0.9.7

  • I-apps Passwiki 0.9.8

  • I-apps Passwiki 0.9.9


References

XF - passwiki-passwiki-file-include(42768)

BID - 29455

MILW0RM - 5704

SECUNIA - 30496

OSVDB - 45853


Last Updated: 27 May 2016 10:49:10