Vulnerabilities > CVE-2004-2526 - Unspecified vulnerability in IBM Tivoli Directory Server 3.2.2/4.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Directory traversal vulnerability in ldacgi.exe in IBM Tivoli Directory Server 4.1 and earlier allows remote attackers to view arbitrary files via a .. (dot dot) in the Template parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | IBM Tivoli Directory Server 3.2.2/4.1 LDACGI Directory Traversal Vulnerability. CVE-2004-2526. Remote exploit for windows platform |
| id | EDB-ID:24345 |
| last seen | 2016-02-02 |
| modified | 2004-08-02 |
| published | 2004-08-02 |
| reporter | anonymous |
| source | https://www.exploit-db.com/download/24345/ |
| title | IBM Tivoli Directory Server 3.2.2/4.1 LDACGI Directory Traversal Vulnerability |
Nessus
| NASL family | CGI abuses |
| NASL id | TIVOLI_LDACGI_TRAVERSAL.NASL |
| description | The remote host is running IBM Tivoli |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 14191 |
| published | 2004-08-02 |
| reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/14191 |
| title | Tivoli Directory Server ldacgi.exe Template Parameter Traversal Arbitrary File Access |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1311.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1311.html
- http://secunia.com/advisories/10347
- http://secunia.com/advisories/10347
- http://securitytracker.com/id?1010834
- http://securitytracker.com/id?1010834
- http://www.oliverkarow.de/research/IDS_directory_traversal.txt
- http://www.oliverkarow.de/research/IDS_directory_traversal.txt
- http://www.osvdb.org/8367
- http://www.osvdb.org/8367
- http://www.securityfocus.com/bid/10841
- http://www.securityfocus.com/bid/10841
- http://www-1.ibm.com/support/docview.wss?uid=isg1IR52692
- http://www-1.ibm.com/support/docview.wss?uid=isg1IR52692
- http://www-1.ibm.com/support/docview.wss?uid=swg1IR53631
- http://www-1.ibm.com/support/docview.wss?uid=swg1IR53631
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16850
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16850