Vulnerabilities > CVE-2006-1224 - Remote Directory Traversal vulnerability in GuppY Dwnld.PHP
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a "%2E." (mixed encoding) in the pg parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 11 |
Exploit-Db
| description | Guppy. CVE-2006-1224. Dos exploit for php platform |
| id | EDB-ID:1573 |
| last seen | 2016-01-31 |
| modified | 2006-03-10 |
| published | 2006-03-10 |
| reporter | trueend5 |
| source | https://www.exploit-db.com/download/1573/ |
| title | Guppy <= 4.5.11 - Delete Databases Remote Denial of Service Exploit |
References
- http://secunia.com/advisories/19222
- http://securityreason.com/securityalert/569
- http://securitytracker.com/id?1015753
- http://www.freeguppy.org/?lng=en
- http://www.kapda.ir/advisory-291.html
- http://www.osvdb.org/23846
- http://www.osvdb.org/23993
- http://www.securityfocus.com/archive/1/427329/100/0/threaded
- http://www.securityfocus.com/bid/17068
- http://www.vupen.com/english/advisories/2006/0936
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25141