PT-2004-2961 · Dansguardian · Dansguardian

Published

2004-12-31

Updated

2017-07-11

CVE-2004-2065

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions DansGuardian versions 2.8 and earlier

Description The issue allows remote attackers to bypass the extension filtering rule. This can be achieved by using a hex encoded extension or a dot (.) in the filename.

Recommendations For DansGuardian versions 2.8 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2065

Affected Products

Dansguardian

PT-2004-2961 · Dansguardian · Dansguardian

CVE-2004-2065

Related Identifiers

Affected Products

References · 8