Computer Security

Symantec Backup Exec System Recovery Manager unauthorized access
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Symantec Backup Exec System Recovery Manager unauthorized access
Published:07.02.2008
Source:BUGTRAQ
SecurityVulns ID:8645
Type:remote
Level:7/10
Description:It's possible to upload files with TCP/8080 Web server.
Affected:SYMANTEC : Backup Exec System Recovery Manager 7.0
CVE:CVE-2008-0457 (Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.)
Original documentdocumentZDI, ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability (07.02.2008)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru