Lucene search

K
cveNVDCVE-2005-0153
HistoryFeb 02, 2005 - 12:00 a.m.

CVE-2005-0153: newsgrab file names directory traversal

2005-02-0200:00:00
NVD
web.nvd.nist.gov
18
cve-2005-0153
newsgrab
directory traversal
unix
security vulnerability
nvd

6.7 Medium

AI Score

Confidence

Low

newsgrab is an application running on Unix that is used to download binary encoded messages from USENet. newsgrab versions prior to 0.5.0pre4 could allow a remote attacker to traverse directories on the Web server, caused by improper validation of user-supplied input in the file name. A remote attacker can send a specially-crafted file name containing “dot dot” (/…/) sequences to traverse directories and overwrite arbitrary files on the system with user privileges.

6.7 Medium

AI Score

Confidence

Low

Related for CVE-2005-0153