Lucene search

[email protected]CVE-2011-1409

HistoryJun 24, 2011 - 8:55 p.m.

CVE-2011-1409

2011-06-2420:55:00

CWE-287

[email protected]

web.nvd.nist.gov

fram's fast file exchange

f*ex

fex

cve-2011-1409

authentication bypass

file upload

security vulnerability

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.3%

JSON

Frams’s Fast File EXchange (F*EX, aka fex) 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID.

CPENameOperatorVersion
ulli_horlacher:fexulli horlacher fexeq20100208

CPE	Name	Operator	Version
ulli_horlacher:fex	ulli horlacher fex	eq	20100208

References

fex.rus.uni-stuttgart.de/fex.html

secunia.com/advisories/44940

www.debian.org/security/2011/dsa-2259

www.securityfocus.com/bid/48239

exchange.xforce.ibmcloud.com/vulnerabilities/68005

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.3%

JSON

Related for CVE-2011-1409

osv1 nessus1 ubuntucve1 prion1 securityvulns2 debian1 openvas2 debiancve1 cvelist1