PeopleSoft XML unauthorized access
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
PeopleSoft XML unauthorized access
updated since 21.01.2003
Published:
11.03.2003
Source:
X-FORCE
SecurityVulns ID:
2546
Type:
remote
Level:
6
/10
Description:
It's possible to access any webserver files by using XML External Entities. By using SchedulerTransfer servlett it's possible to write arbitrary files on server.
Affected:
PEOPLESOFT
:
PeopleTools 8.18
PEOPLESOFT
:
PeopleTools 8.40
PEOPLESOFT
:
PeopleTools 8.41
Original document
X-FORCE
,
ISS Security Brief: PeopleSoft PeopleTools Remote Command Execution Vulnerability
(
11.03.2003
)
X-FORCE
,
ISS Security Brief: PeopleSoft XML External Entities Vulnerability
(
21.01.2003
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
