CVE-2004-1678

Опубликовано: 13 сент. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs.

Ссылки

http://marc.info/?l=bugtraq&m=109509026406554&w=2
http://secunia.com/advisories/12512
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11160
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19712
http://marc.info/?l=bugtraq&m=109509026406554&w=2
http://secunia.com/advisories/12512
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11160
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19712

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:logicnow:perldesk:*:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05103

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-hq49-5fpc-c85q

github

почти 4 года назад