Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6522

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-6522
Last Modified 17 Jun 2009 12:00:00
Published 25 Mar 2009 02:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-6522

Summary

Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a .. (dot dot) in the (1) CurrentDirectory and (2) File parameters to index.php.

Vulnerable Systems

Application

  • Devraj Mukherjee Openterracotta 0.6.1


References

XF - terracotta-index-file-include(41572)

BID - 28550

BUGTRAQ - 20080401 Terracotta Personal Edition Multiple vulnerabilities


Last Updated: 27 May 2016 10:49:14