Vulnerabilities > CVE-2004-1612 - Remote vulnerability in Saleslogix Corporation Saleslogix 2000.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description SLX Server 6.1 Arbitrary File Creation Exploit (PoC). CVE-2004-1612. Remote exploit for windows platform id EDB-ID:583 last seen 2016-01-31 modified 2004-10-18 published 2004-10-18 reporter Carl Livitt source https://www.exploit-db.com/download/583/ title SLX Server 6.1 - Arbitrary File Creation Exploit PoC description Best Software SalesLogix 2000.0 Multiple Remote Vulnerabilities. CVE-2004-1612. Remote exploit for windows platform id EDB-ID:24688 last seen 2016-02-02 modified 2004-10-18 published 2004-10-18 reporter Carl Livitt source https://www.exploit-db.com/download/24688/ title best software saleslogix 2000.0 - Multiple Vulnerabilities
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0661.html
- http://marc.info/?l=bugtraq&m=109811852218478&w=2
- http://secunia.com/advisories/12883
- http://securitytracker.com/id?1011769
- http://www.osvdb.org/10949
- http://www.securityfocus.com/bid/11450
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17765