Vulnerabilities > CVE-2004-2253 - Unspecified vulnerability in Netwin Surgeldap 1.0D/1.0E/1.0G
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN netwin
exploit available
Summary
Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description | SurgeLDAP 1.0 User.CGI Directory Traversal Vulnerability. CVE-2004-2253. Remote exploit for cgi platform |
id | EDB-ID:23987 |
last seen | 2016-02-02 |
modified | 2004-04-12 |
published | 2004-04-12 |
reporter | dr_insane |
source | https://www.exploit-db.com/download/23987/ |
title | SurgeLDAP 1.0 User.CGI Directory Traversal Vulnerability |
References
- http://members.lycos.co.uk/r34ct/main/SurgeLDAP%201.0g.txt
- http://members.lycos.co.uk/r34ct/main/SurgeLDAP%201.0g.txt
- http://secunia.com/advisories/11343
- http://secunia.com/advisories/11343
- http://www.securityfocus.com/bid/10103
- http://www.securityfocus.com/bid/10103
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15851
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15851