Debian Security Advisory DSA 223-1 (geneweb)

The remote host is missing an update to geneweb announced via advisory DSA 223-1. OpenVAS Vulnerability Test $Id: deb2231.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 223-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian DSA-223-1 : geneweb - information exposure

A security issue has been discovered by Daniel de Rauglaudre, upstream author of geneweb, a genealogical software with web interface. It runs as a daemon on port 2317 by default. Paths are not properly sanitized, so a carefully crafted URL lead geneweb to read and display arbitrary files of the...

CVE-2002-1390

CVE-2002-1390 concerns the GeneWeb daemon (before version 4.09), where improper handling of requested paths enables a remote attacker to read arbitrary files via a crafted URL. The issue is documented in the Debian DSA-223 advisory (and mirrored OpenVAS/NVD records). Mitigation per connected sour...

CVE-2002-1390

The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL...

CVE-2002-1390

The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL...