CVE-2009-2166

Опубликовано: 22 июн. 2009

Источник: debian

EPSS Низкий

Описание

Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ocsinventory-server	fixed	1.02.1-1		package

Примечания

README.Debian states Important: access to the reports server should be restricted

EPSS

Процентиль: 87%

0.03478

Низкий

Связанные уязвимости

CVE-2009-2166

ubuntu

больше 16 лет назад

Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.

CVE-2009-2166

nvd

больше 16 лет назад

Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.

GHSA-6wjf-4944-xw92

github

почти 4 года назад

Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.

EPSS

Процентиль: 87%

0.03478

Низкий