CVE-2005-2357

Properties

Published:
15.08.2005
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:C/I:N/A:N/B:N) Approximated
    Product:
    EMC: EMC Navisphere Manager
    EMC: EMC Navisphere Manager
    EMC: EMC Navisphere Manager
    EMC: EMC Navisphere Manager

    Vulnerability description

    Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

    References:

    BID: http://www.securityfocus.com/bid/14487
    XF: http://xforce.iss.net/xforce/xfdb/21726
    IDEFENSE: http://www.idefense.com/application/poi/display?id=288&type=vulnerabilities&flashstatus=true
    SECTRACK: http://securitytracker.com/id?1014629
    SECUNIA: http://secunia.com/advisories/16344