Lucene search
HistoryFeb 25, 2008 - 9:44 p.m.
CVE-2008-0946
cve-2008-0946
directory traversal
ipswitch im server
security vulnerability
remote authentication
4.9 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
6.3 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
84.1%
Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a … (dot dot) in the recipient field.
Affected configurations
Node
ipswitchimserverRange≤2.0.8.1
ORipswitchinstant_messagingRange≤2.0.8.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| ipswitch:imserver | ipswitch imserver | le | 2.0.8.1 |
| ipswitch:instant_messaging | ipswitch instant messaging | le | 2.0.8.1 |
Related
prion
prion
Directory traversal
2008-02-25 21:44:00
nvd
nvd
CVE-2008-0946
2008-02-25 21:44:00
cvelist
cvelist
CVE-2008-0946
2008-02-25 21:00:00
4.9 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
6.3 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
84.1%
Related for CVE-2008-0946