Lucene search
MitreCVELIST:CVE-2008-0405HistoryJan 28, 2008 - 11:00 p.m.
CVE-2008-0405
2008-01-2823:00:00
mitre
www.cve.org
1
Multiple directory traversal vulnerabilities in HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allow remote attackers to create arbitrary (1) files and (2) directories via a … (dot dot) in an account name, when requesting the / URI; and (3) append arbitrary data to a file via a … (dot dot) in an account name, when requesting a URI composed of a “/?%0a” sequence followed by the data.
References
secunia.com/advisories/28631
securityreason.com/securityalert/3581
www.rejetto.com/hfs/?f=wn
www.securityfocus.com/archive/1/486873/100/0/threaded
www.securityfocus.com/bid/27423
www.syhunt.com/advisories/hfs-1-log.txt
www.syhunt.com/advisories/hfshack.txt
exchange.xforce.ibmcloud.com/vulnerabilities/39873
Related
nvd
nvd
CVE-2008-0405
2008-01-29 00:00:00
prion
prion
Directory traversal
2008-01-29 00:00:00
cve
cve
CVE-2008-0405
2008-01-29 00:00:00
securityvulns
securityvulns
exploitpack
exploitpack
Rejetto HTTP File Server (HFS) 1.52.x - Multiple Vulnerabilities
2008-01-23 00:00:00
seebug
seebug
HFS HTTP File Server 1.5/2.x Multiple Security Vulnerabilities
2014-07-01 00:00:00
HFS HTTP File Server多个远程安全漏洞
2008-01-26 00:00:00
packetstorm
packetstorm
hfshack.txt
2008-01-24 00:00:00
exploitdb
exploitdb
Rejetto HTTP File Server (HFS) 1.5/2.x - Multiple Vulnerabilities
2008-01-23 00:00:00