Computer Security
[EN] securityvulns.ru no-pyccku


Symantec Backup Exec System Recovery Manager unauthorized access
Published:07.02.2008
Source:
SecurityVulns ID:8645
Type:remote
Threat Level:
7/10
Description:It's possible to upload files with TCP/8080 Web server.
Affected:SYMANTEC : Backup Exec System Recovery Manager 7.0
CVE:CVE-2008-0457 (Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.)
Original documentdocumentZDI, ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability (07.02.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod