Full Disclosure mailing list archives
[ADVISORY] | +Thu Mar 16 03:18:06 EST 2006+ | Directory Transversal in ISC OpenReg
From: davefd () davewking com
Date: Thu, 16 Mar 2006 08:18:23 +0000 (GMT)
[ADVISORY] | +Thu Mar 16 03:18:06 EST 2006+ | Directory Transversal in ISC OpenReg ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1. BACKGROUND ++++++++++++++++++++++++++++++++++++++++++++++++++++++ This product had no background. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2. DESCRIPTION ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remote exploitation of a directory traversal vulnerability in ISC OpenReg could allow attackers to overwrite or view arbitrary files with user-supplied contents. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3. HISTORY ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2-1-2006 - Vendor Notification. 14-2-2006 - Vendor Reply. 16-3-2006 - Public Disclosure. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 4. VENDOR RESPONSE ++++++++++++++++++++++++++++++++++++++++++++++++++++++ ISC OpenReg had extended no commentary. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 5. CVE INFORMATION ++++++++++++++++++++++++++++++++++++++++++++++++++++++ The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-989455 to this issue ++++++++++++++++++++++++++++++++++++++++++++++++++++++ CONTACT ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Dave King davefd () davewking com CEH CSFA GREM SSP-CNSA SSP-MPA GIPS _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [ADVISORY] | +Thu Mar 16 03:18:06 EST 2006+ | Directory Transversal in ISC OpenReg davefd (Mar 16)