Vulnerabilities > CVE-2005-1367 - Unspecified vulnerability in Pico Server Pico Server

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

pico-server

NVD

Published: 2005-05-16

Updated: 2016-10-18

Summary

Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root.

Vulnerable Configurations

Part	Description	Count
Application	Pico_Server Pico Server Pico Server 3.0 Pico Server Pico Server 3.0_Beta_3 Pico Server Pico Server 3.1 Pico Server Pico Server 3.2	4

Packetstorm

data source	https://packetstormsecurity.com/files/download/39269/rt-sa-2005-012.txt
id	PACKETSTORM:39269
last seen	2016-12-05
published	2005-08-14
reporter	tsyklon.informatik.rwth-aachen.de
source	https://packetstormsecurity.com/files/39269/rt-sa-2005-012.txt.html
title	rt-sa-2005-012.txt

References

http://marc.info/?l=full-disclosure&m=111625623909003&w=2
http://www.redteam-pentesting.de/advisories/rt-sa-2005-012.txt