EUVD-2005-3483

Malware in sbrugna...

CVE-2005-3484

Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions such as ZIP, AVI, JPG, TXT, and HTML via ".." and hex-encoded 1 slash "/" "%2f" or 2 backslash "" "%5c" sequences...

CVE-2005-3484

CVE-2005-3484 describes a directory traversal vulnerability in NeroNET 1.2.0.2 and earlier. The issue allows remote attackers to read arbitrary files by manipulating directory traversal sequences such as ".." combined with hex-encoded separators ("%2f" for "/" or "%5c" for ""). This affects files...

CVE-2005-3484

Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions such as ZIP, AVI, JPG, TXT, and HTML via ".." and hex-encoded 1 slash "/" "%2f" or 2 backslash "" "%5c" sequences...

NeroNet remote CD/DVD burning access solution directory traversal

It's possible to retrieve any video/audio/image file with built-in HTTP server...

NeroNet1202.txt

Luigi Auriemma Application: NeroNET http://www.nero.com Versions: = 1.2.0.2 Platforms: Windows Bug: limited directory traversal Exploitation: remote Date: 02 Nov 2005 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3 The Code 4 Fix...

[Full-disclosure] Limited directory traversal in NeroNET 1.2.0.2

Luigi Auriemma Application: NeroNET http://www.nero.com Versions: = 1.2.0.2 Platforms: Windows Bug: limited directory traversal Exploitation: remote Date: 02 Nov 2005 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3 The Code 4 Fix...