Описание
The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| nagvis | fixed | 1:1.9.29-1 | package | |
| nagvis | no-dsa | buster | package | |
| nagvis | no-dsa | stretch | package |
Примечания
https://github.com/NagVis/nagvis/commit/275952cb7669d48861634e60583bc25291a101a2 (nagvis-1.9.29)
Связанные уязвимости
The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system.
The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system.
The Manage Backgrounds functionality within Nagvis versions prior to 2.0.9 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system.