Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[ADVISORY] | +Thu Mar 16 03:18:06 EST 2006+ | Directory Transversal in ISC OpenReg

From: davefd () davewking com
Date: Thu, 16 Mar 2006 08:18:23 +0000 (GMT)



[ADVISORY] | +Thu Mar 16 03:18:06 EST 2006+ | Directory Transversal in ISC OpenReg




++++++++++++++++++++++++++++++++++++++++++++++++++++++
1. BACKGROUND
++++++++++++++++++++++++++++++++++++++++++++++++++++++
This product had no background.
++++++++++++++++++++++++++++++++++++++++++++++++++++++
2. DESCRIPTION
++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remote exploitation of a directory traversal vulnerability in ISC OpenReg could allow attackers to overwrite or view 
arbitrary files with user-supplied contents.

++++++++++++++++++++++++++++++++++++++++++++++++++++++
3. HISTORY
++++++++++++++++++++++++++++++++++++++++++++++++++++++
2-1-2006 - Vendor Notification.
14-2-2006 - Vendor Reply.
16-3-2006 - Public Disclosure.
++++++++++++++++++++++++++++++++++++++++++++++++++++++
4. VENDOR RESPONSE
++++++++++++++++++++++++++++++++++++++++++++++++++++++
ISC OpenReg had extended no commentary.
++++++++++++++++++++++++++++++++++++++++++++++++++++++
5. CVE INFORMATION
++++++++++++++++++++++++++++++++++++++++++++++++++++++
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-989455 to this issue



++++++++++++++++++++++++++++++++++++++++++++++++++++++
CONTACT
++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dave King davefd () davewking com

CEH CSFA GREM SSP-CNSA SSP-MPA GIPS 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: