Vulnerabilities > CVE-2007-1303 - Directory Traversal vulnerability in RRDBrowse File Parameter
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | RRDBrowse <= 1.6 Remote Arbitrary File Disclosure Vulnerability. CVE-2007-1303. Webapps exploit for cgi platform |
id | EDB-ID:3412 |
last seen | 2016-01-31 |
modified | 2007-03-04 |
published | 2007-03-04 |
reporter | Sebastian Wolfgarten |
source | https://www.exploit-db.com/download/3412/ |
title | RRDBrowse <= 1.6 - Remote Arbitrary File Disclosure Vulnerability |
References
- http://securityreason.com/securityalert/2349
- http://www.devtarget.org/rrdbrowse-advisory-03-2007.txt
- http://www.rrdbrowse.org/index.php
- http://www.securityfocus.com/archive/1/461911/100/0/threaded
- http://www.securityfocus.com/bid/22817
- http://www.vupen.com/english/advisories/2007/0834
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32793