EDB-4713
remotewindowsVERIFIED
barracudadrive 3.7.2 - Multiple Vulnerabilities
CVE-2007-6317CVE-2007-6316CVE-2007-6315+1 more
Luigi Auriemma12/10/2007
CVE-2007-6317
NONEMultiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\ (dot dot backslash) sequences in the URL path, o
Опубликовано: 12/12/2007Обновлено: 4/9/2025
Описание
Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitrary files or create arbitrary directories via a ..\ (dot dot backslash) sequence in the dir parameter to /drive/c/bdusers/USER/.
ИИ-АнализНа базе ИИ
Затронутые продукты
real_time_logicbarracudadrive_web_server
3.7.2
real_time_logicbarracudadrive_web_server_home_server
3.7.2
Доступные эксплойты (1)
Ссылки
- http://aluigi.altervista.org/adv/barradrive-adv.txtExploit
- http://secunia.com/advisories/28032Vendor Advisory
- http://securityreason.com/securityalert/3434
- http://www.securityfocus.com/archive/1/484833/100/0/threaded
- http://www.securityfocus.com/bid/26805ExploitPatch
- http://aluigi.altervista.org/adv/barradrive-adv.txtExploit
- http://secunia.com/advisories/28032Vendor Advisory
- http://securityreason.com/securityalert/3434
- http://www.securityfocus.com/archive/1/484833/100/0/threaded
- http://www.securityfocus.com/bid/26805ExploitPatch