Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3829

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2011-3829
Last Modified 02 Feb 2012 12:00:00
Published 28 Jan 2012 11:04:44
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-3829

Summary

ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive information via the file name, which reveals the installation path in an error message.

Vulnerable Systems

Application

  • Sitracker Support Incident Tracker 3.65


References

XF - sit-ftpuploadfile-path-disclosure(71233)

BID - 50632

OSVDB - 76999

EXPLOIT-DB - 18108

MISC - http://secunia.com/secunia_research/2011-75/

SECUNIA - 45453

MISC - http://packetstormsecurity.org/files/106933/sit_file_upload.rb.txt


Last Updated: 27 May 2016 10:58:07