[Full-disclosure] Advisory 2006-03-11 Directory Transversal in
- From: " Suresec Advisories \r\n" <advisories@xxxxxxxxxxx>
- Date: Sat, 11 Mar 2006 22:43:17 -0800
Tripwire
Message-ID: <486e6df0edfa2dda6932a66ef5c8a887@xxxxxxxxxxxxxxxx>
X-Priority: 3
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="iso-8859-1"
Advisory 2006-03-11 Directory Transversal in
Tripwire
I. BACKGROUND
Advisory marked for immediate release.
II. DESCRIPTION
Remote exploitation of a directory traversal vulnerability in
Tripwire could allow attackers to overwrite or view arbitrary files with user-supplied contents.
III. HISTORY
This advisory has no history.
IV. WORKAROUND
There are no known workarounds.
V. VENDOR RESPONSE
Tripwire has not commented on this issue.
VI. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-891531 to this issue.
APPENDIX A. - Vendor Information
http://www.tripwire.com/
APPENDIX B. - References
NONE
CONTACT:
* Suresec Advisories
bantown@xxxxxxx
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: [Full-disclosure] Advisory 2006-03-11Local Privilege Escalation Vulnerability in AOL Client Software
- Next by Date: [Full-disclosure] Advisory 2006-03-11 Off-by-one in
- Previous by thread: [Full-disclosure] Advisory 2006-03-11Local Privilege Escalation Vulnerability in AOL Client Software
- Next by thread: [Full-disclosure] Advisory 2006-03-11 Directory Transversal in
- Index(es):
Relevant Pages
|
