|
|
CVE Reference: CVE-2007-6317 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-6317 |
|
|
Description: Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitrary files or create arbitrary directories via a ..\ (dot dot backslash) sequence in the dir parameter to /drive/c/bdusers/USER/. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/3434 SAID Secunia Advisory: SA28032 MISC http://aluigi.altervista.org/adv/barradrive-adv.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/484833/100/0/threaded BID 26805 |
|
| Return to the previous page. |
