Vulnerabilities > CVE-2007-3985 - Unspecified vulnerability in Securecomputing Securityreporter 4.6.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN securecomputing
nessus
Summary
Directory traversal vulnerability in file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) 4.6.3 allows remote attackers to download arbitrary files via a .. (dot dot) in the name parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | CGI abuses |
| NASL id | SECURITYREPORTER_463P1.NASL |
| description | The |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 25994 |
| published | 2007-09-06 |
| reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/25994 |
| title | SecurityReporter < 4.6.3p1 Multiple Vulnerabilities |
References
- http://marc.info/?l=bugtraq&m=118522960430476&w=2
- http://marc.info/?l=bugtraq&m=118522960430476&w=2
- http://osvdb.org/43770
- http://osvdb.org/43770
- http://secunia.com/advisories/26167
- http://secunia.com/advisories/26167
- http://www.oliverkarow.de/research/securityreporter.txt
- http://www.oliverkarow.de/research/securityreporter.txt
- http://www.securecomputing.com/index.cfm?skey=1429
- http://www.securecomputing.com/index.cfm?skey=1429
- http://www.securityfocus.com/bid/25027
- http://www.securityfocus.com/bid/25027
- http://www.securitytracker.com/id?1018443
- http://www.securitytracker.com/id?1018443
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35585
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35585