JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
CPE | Name | Operator | Version |
---|---|---|---|
directadmin | eq | 1.16 | |
directadmin | eq | 1.02 | |
directadmin | eq | 1.17 | |
directadmin | eq | 1.282 | |
directadmin | eq | 1.235 | |
directadmin | eq | 1.231 | |
directadmin | eq | 1.05 | |
directadmin | eq | 1.281 | |
directadmin | eq | 1.255 | |
directadmin | eq | 1.205 |