CVE-2007-4220

Sažetak

Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services.

Reference

ftp://ftp-xo.netopia.com/evaluation/docs/timbuktu/win/865/relnotes/TB2Win865Evalrn.pdf
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=589
http://secunia.com/advisories/26588
http://www.securityfocus.com/bid/25453
http://www.securitytracker.com/id?1018614
http://www.vupen.com/english/advisories/2007/2990
https://exchange.xforce.ibmcloud.com/vulnerabilities/36273

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	COMPLETE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:C/A:N

Zadnje važnije ažuriranje

29-07-2017 - 01:32

Objavljeno

29-08-2007 - 01:17