Lucene search
PRIOn knowledge basePRION:CVE-2007-2836HistoryJul 02, 2007 - 7:30 p.m.
Directory traversal
2007-07-0219:30:00
PRIOn knowledge base
www.prio-n.com
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename that is marked for deletion at logout.
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=430691
hikiwiki.org/en/advisory20070624.html
hikiwiki.org/hiki-0_8_6.patch
jvn.jp/jp/JVN%2305187780/index.html
osvdb.org/37469
secunia.com/advisories/25764
secunia.com/advisories/25874
www.debian.org/security/2007/dsa-1324
www.securityfocus.com/bid/24603
www.vupen.com/english/advisories/2007/2304
exchange.xforce.ibmcloud.com/vulnerabilities/35029
Related
nessus
nessus
Debian DSA-1324-1 : hiki - missing input sanitising
2007-07-01 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1324-1)
2023-03-08 00:00:00
cvelist
cvelist
CVE-2007-2836
2007-07-02 19:00:00
nvd
nvd
CVE-2007-2836
2007-07-02 19:30:00
CVE-2007-3395
2007-06-26 17:30:00
debian
debian
[SECURITY] [DSA 1324-1] New hiki packages fix missing input sanitising
2007-06-28 21:04:32
osv
osv
hiki
2007-06-28 00:00:00
debiancve
debiancve
CVE-2007-2836
2007-07-02 19:30:00
ubuntucve
ubuntucve
CVE-2007-2836
2007-07-02 00:00:00
cve
cve
CVE-2007-2836
2007-07-02 19:30:00
CVE-2007-3395
2007-06-26 17:30:00
prion
prion
Design/Logic Flaw
2007-06-26 17:30:00