Lucene search

[email protected]CVE-2004-1444

HistoryFeb 13, 2005 - 5:00 a.m.

CVE-2004-1444

2005-02-1305:00:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2004-1444

roundup

vulnerability

directory traversal

remote attackers

http get request

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

JSON

Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via … (dot dot) sequences in an @@ command in an HTTP GET request.

Affected configurations

NVD

Node

roundup-trackerroundupRange≤0.6.4

roundup-trackerroundupMatch0.1.0

roundup-trackerroundupMatch0.1.1

roundup-trackerroundupMatch0.1.2

roundup-trackerroundupMatch0.1.3

roundup-trackerroundupMatch0.2.0

roundup-trackerroundupMatch0.2.1

roundup-trackerroundupMatch0.2.2

roundup-trackerroundupMatch0.2.3

roundup-trackerroundupMatch0.2.4

roundup-trackerroundupMatch0.2.5

roundup-trackerroundupMatch0.2.6

roundup-trackerroundupMatch0.2.7

roundup-trackerroundupMatch0.2.8

roundup-trackerroundupMatch0.3.0

roundup-trackerroundupMatch0.3.0pre1

roundup-trackerroundupMatch0.3.0pre2

roundup-trackerroundupMatch0.3.0pre3

roundup-trackerroundupMatch0.4.0

roundup-trackerroundupMatch0.4.0b1

roundup-trackerroundupMatch0.4.0b2

roundup-trackerroundupMatch0.4.1

roundup-trackerroundupMatch0.4.2

roundup-trackerroundupMatch0.4.2pr1

roundup-trackerroundupMatch0.5

roundup-trackerroundupMatch0.5.0

roundup-trackerroundupMatch0.5.0beta1

roundup-trackerroundupMatch0.5.0beta2

roundup-trackerroundupMatch0.5.0pr1

roundup-trackerroundupMatch0.5.1

roundup-trackerroundupMatch0.5.2

roundup-trackerroundupMatch0.5.3

roundup-trackerroundupMatch0.5.4

roundup-trackerroundupMatch0.5.5

roundup-trackerroundupMatch0.5.6

roundup-trackerroundupMatch0.5.7

roundup-trackerroundupMatch0.5.8stable

roundup-trackerroundupMatch0.5.9

roundup-trackerroundupMatch0.6.0

roundup-trackerroundupMatch0.6.0b1

roundup-trackerroundupMatch0.6.0b2

roundup-trackerroundupMatch0.6.0b3

roundup-trackerroundupMatch0.6.0b4

roundup-trackerroundupMatch0.6.1

roundup-trackerroundupMatch0.6.2

roundup-trackerroundupMatch0.6.3

CPENameOperatorVersion
roundup-tracker:rounduproundup-tracker rounduple0.6.4
roundup-tracker:rounduproundup-tracker roundupeq0.1.0
roundup-tracker:rounduproundup-tracker roundupeq0.1.1
roundup-tracker:rounduproundup-tracker roundupeq0.1.2
roundup-tracker:rounduproundup-tracker roundupeq0.1.3
roundup-tracker:rounduproundup-tracker roundupeq0.2.0
roundup-tracker:rounduproundup-tracker roundupeq0.2.1
roundup-tracker:rounduproundup-tracker roundupeq0.2.2
roundup-tracker:rounduproundup-tracker roundupeq0.2.3
roundup-tracker:rounduproundup-tracker roundupeq0.2.4

CPE	Name	Operator	Version
roundup-tracker:roundup	roundup-tracker roundup	le	0.6.4
roundup-tracker:roundup	roundup-tracker roundup	eq	0.1.0
roundup-tracker:roundup	roundup-tracker roundup	eq	0.1.1
roundup-tracker:roundup	roundup-tracker roundup	eq	0.1.2
roundup-tracker:roundup	roundup-tracker roundup	eq	0.1.3
roundup-tracker:roundup	roundup-tracker roundup	eq	0.2.0
roundup-tracker:roundup	roundup-tracker roundup	eq	0.2.1
roundup-tracker:roundup	roundup-tracker roundup	eq	0.2.2
roundup-tracker:roundup	roundup-tracker roundup	eq	0.2.3
roundup-tracker:roundup	roundup-tracker roundup	eq	0.2.4