Computer Security

Security Advisory: DDIVRT-2009-22 SMART Board Whiteboard Directory Traversal Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  DDIVRT-2009-21 vBook Login Application Cross-site Scripting Vulnerability

  [ GLSA 200903-02 ] ZNC: Privilege escalation

  phpCommunity 2 2.1.8 Multiple Vulnerabilities (SQL Injection /  Directory Traversal / XSS)

  nForum 1.5 Multiple SQL Injection

From:ddivulnalert_(at)_ddifrontline.com <ddivulnalert_(at)_ddifrontline.com>
Date:09.03.2009
Subject:DDIVRT-2009-22 SMART Board Whiteboard Directory Traversal Vulnerability

Title
-----
DDIVRT-2009-22 SMART Board Whiteboard Directory Traversal Vulnerability

Severity
--------
High

Date Discovered
---------------
January 19th, 2009

Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: David Marshall and r@b13$

Vulnerability Description
-------------------------
A directory traversal condition exists in SMART Web Server whereby arbitrary files may be retrieved from this host's file system. Attackers may leverage this issue to gain access to sensitive information stored on this host.

Solution Description
--------------------
No patch is available at this time.

Tested Systems / Software (with versions)
------------------------------------------
Windows XP, SMART Board Whiteboard

Vendor Contact
--------------
Vendor Name: SMART Technologies ULC
Vendor Website: http://www2.smarttech.com/
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru