Opentools Attachment Mod Multiple Remote Vulnerabilities

Bugtraq ID: 11893
Class: Unknown
CVE:
Remote: Yes
Local: No
Published: Dec 13 2004 12:00AM
Updated: Dec 13 2004 12:00AM
Credit: Discovery of the directory traversal vulnerability is credited to Paul Laudanski (AKA Zhen-Xjell); the discovery of the file extension access control bypass is credited to Jeremy Bae at STG Security, Inc.
Vulnerable: Opentools Attachment Mod 2.3.10
Opentools Attachment Mod 2.3.9
Opentools Attachment Mod 2.3.8
Opentools Attachment Mod 2.3.7
Opentools Attachment Mod 2.3.6
Opentools Attachment Mod 2.3.5
Opentools Attachment Mod 2.3.4
Not Vulnerable: Opentools Attachment Mod 2.3.11


 

Privacy Statement
Copyright 2010, SecurityFocus