5

CVE-2005-3123

Exploit
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuGnump3d Version2.9
GnuGnump3d Version2.9.1
GnuGnump3d Version2.9.2
GnuGnump3d Version2.9.3
GnuGnump3d Version2.9.4
GnuGnump3d Version2.9.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.98% 0.855
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/17559
Vendor Advisory
http://www.novell.com/linux/security/advisories/2005_28_sr.html
http://www.novell.com/linux/security/advisories/2005_27_sr.html
http://lists.gnu.org/archive/html/gnump3d-users/2005-10/msg00013.html
Patch
http://secunia.com/advisories/17351
Patch
Vendor Advisory
Exploit
http://securityreason.com/securityalert/127
http://securitytracker.com/id?1015118
http://www.debian.org/security/2005/dsa-877
Patch
Vendor Advisory
http://www.osvdb.org/20360
http://www.securityfocus.com/bid/15228
Patch
http://www.vupen.com/english/advisories/2005/2242