CVE-2008-1410

Sažetak

Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service.

Reference

http://aluigi.altervista.org/adv/acropxe-adv.txt
http://secunia.com/advisories/29305
http://securityreason.com/securityalert/3758
http://www.securityfocus.com/archive/1/489358/100/0/threaded
http://www.securityfocus.com/bid/28182
http://www.vupen.com/english/advisories/2008/0814/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41074
https://www.exploit-db.com/exploits/5228

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-10-2018 - 20:33

Objavljeno

20-03-2008 - 10:44