Vulnerabilities > CVE-2007-2048 - Directory Traversal vulnerability in webMethods Glue Console
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. (dot dot) in the resource parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description | webMethods Glue 6.5.1 Console Directory Traversal Vulnerability. CVE-2007-2048. Remote exploit for windows platform |
id | EDB-ID:29843 |
last seen | 2016-02-03 |
modified | 2007-04-11 |
published | 2007-04-11 |
reporter | Patrick Webster |
source | https://www.exploit-db.com/download/29843/ |
title | webMethods Glue <= 6.5.1 Console Directory Traversal Vulnerability |
References
- http://secunia.com/advisories/24933
- http://securityreason.com/securityalert/2589
- http://www.aushack.com/advisories/200704-webmethods.txt
- http://www.securityfocus.com/archive/1/465332/100/0/threaded
- http://www.securityfocus.com/archive/1/465993/100/0/threaded
- http://www.securityfocus.com/archive/1/467873/30/6720/threaded
- http://www.securityfocus.com/bid/23423
- http://www.securitytracker.com/id?1017926
- http://www.vupen.com/english/advisories/2007/1363