Securityreporter Security Vulnerabilities and Issues — Securityreporter CVE List

SecurecomputingSecurityreporter

3 matches found

CVE•added 2007/07/25 6:0 p.m.•50 views

CVE-2007-3986

CVE-2007-3986 affects Secure Computing SecurityReporter (aka Network Security Analyzer) 4.6.3. The issue is in the file.cgi component where the name parameter can specify an eventcache directory and a non-GIF file, bypassing authentication by setting the $dontvalidate variable. A separate travers...

5CVSS6.9AI score0.00833EPSS

CVE•added 2007/07/27 10:0 p.m.•49 views

CVE-2007-4043

CVE-2007-4043 affects Secure Computing SecurityReporter (aka Network Security Analyzer) prior to 4.6.3. A vulnerability allows remote attackers to bypass authentication via a name parameter ending with a “%00.gif” sequence, and a separate traversal vulnerability could be leveraged to download arb...

9.8CVSS6.9AI score0.00355EPSS

CVE•added 2007/07/25 6:0 p.m.•40 views

CVE-2007-3985

The CVE-2007-3985 issue affects Secure Computing SecurityReporter (aka Network Security Analyzer) version 4.6.3, where the file.cgi script fails to sanitize the name parameter. This enables a directory traversal attack (".." in the name) allowing remote attackers to download arbitrary files from ...

5CVSS6.7AI score0.01007EPSS