CVE-2005-2609

2005-08-1704:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

75.7%

JSON

index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter.

References

secunia.com/advisories/16370

vegadns.org/src/current/CHANGELOG

www.packetstormsecurity.org/0508-exploits/vegadns-dyn0.txt