Lucene search

[email protected]CVE-2008-1555

HistoryMar 31, 2008 - 5:44 p.m.

CVE-2008-1555

2008-03-3117:44:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2008

1555

directory traversal

vulnerability

bolinos 4.6.1

remote

attack

include

execute

arbitrary

local

files

7.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.7%

JSON

Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the _bFileToInclude parameter.

CPENameOperatorVersion
bolinos:bolinosbolinoseq4.6.1

CPE	Name	Operator	Version
bolinos:bolinos	bolinos	eq	4.6.1

References

secunia.com/advisories/29535

securityreason.com/securityalert/3788

www.securityfocus.com/archive/1/490058/100/0/threaded

www.securityfocus.com/bid/28445

exchange.xforce.ibmcloud.com/vulnerabilities/41431

www.exploit-db.com/exploits/5309

7.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for CVE-2008-1555

prion1 cvelist1