Lucene search

PRIOn knowledge basePRION:CVE-2008-5728

HistoryDec 26, 2008 - 5:30 p.m.

Directory traversal

2008-12-2617:30:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.7%

JSON

Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a … (dot dot) in (1) the system parameter in modules/netshop/post.php; and the INCLUDE_FOLDER parameter in (2) auth.inc.php, (3) banner.inc.php, (4) blog.inc.php, and (5) forum.inc.php in modules/.

CPENameOperatorVersion
netcateq2.4
netcateq2.3
netcateq2.1
netcateq2.2
netcatle3.12
netcateq3.0
netcateq1.1
netcateq2.0

Name	Operator	Version
netcat	eq	2.4
netcat	eq	2.3
netcat	eq	2.1
netcat	eq	2.2
netcat	le	3.12
netcat	eq	3.0
netcat	eq	1.1
netcat	eq	2.0

References

securityreason.com/securityalert/4819

www.securityfocus.com/bid/32992

exchange.xforce.ibmcloud.com/vulnerabilities/47576

www.exploit-db.com/exploits/7560

7.8 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.7%

JSON

Related for PRION:CVE-2008-5728