CVE-2008-1410

Опубликовано: 20 мар. 2008

Источник: nvd

CVSS2: 4.3

EPSS Средний

Описание

Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service.

Ссылки

http://aluigi.altervista.org/adv/acropxe-adv.txt
Exploit
http://secunia.com/advisories/29305
Vendor Advisory
http://securityreason.com/securityalert/3758
http://www.securityfocus.com/archive/1/489358/100/0/threaded
http://www.securityfocus.com/bid/28182
Exploit
http://www.vupen.com/english/advisories/2008/0814/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41074
https://www.exploit-db.com/exploits/5228
http://aluigi.altervista.org/adv/acropxe-adv.txt
Exploit
http://secunia.com/advisories/29305
Vendor Advisory
http://securityreason.com/securityalert/3758
http://www.securityfocus.com/archive/1/489358/100/0/threaded
http://www.securityfocus.com/bid/28182
Exploit
http://www.vupen.com/english/advisories/2008/0814/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41074
https://www.exploit-db.com/exploits/5228

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:acronis:snap_deploy:2.0.0.1076:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10509

Средний

4.3 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-gc66-4pjr-f4hh

github

почти 4 года назад