Computer Security

Forum
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



AVM IGD CTRL Service directory traversal
Published:21.01.2007
Source:FULL-DISCLOSURE
SecurityVulns ID:7078
Type:remote
Level:5/10
Description:HTTP directory traversal with TCP/49001 (UPNP) port.
Affected:AVM : Fritz!DSL Software 02.02
CVE:CVE-2007-0357 (Directory traversal vulnerability in the AVM IGD CTRL Service in Fritz!DSL 02.02.29 allows remote attackers to read arbitrary files via ..%5C (URL-encoded dot dot backslash) sequences in a URI requested from the AR7 webserver.)
Original documentdocumentdpr_(at)_herr-der-mails.de, [Full-disclosure] Flaw in AVM UPNP service for windows (21.01.2007)
Discuss:Read or add your comments to this news (0 comments)

Show Threads
Messages
 
Login:* (Register)
Password:*
(private) To:
(reply) Subject:*
Text:

Main Forum (Eng)

General security questions not appropriate for another forums. 		3proxy Forum (Eng)

All 3proxy question must be posted to this forum. 		Bugs, Vulnerabilities, PoCs and Exploits (Eng)

All vulnerability related questions, vulnerability digging and exploit creation. 		Windows programming and administration (Eng)

Administering Windows and application development. 		Unix programming and administation (Eng)

Administering Unix and application development. 		Test forum

Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)
 3proxy Forum (Rus)
 Bugs, Vulnerabilities, PoCs and Exploits (Rus)
 Windows programming and administration (Rus)
 Unix programming and administation (Rus)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru