PT-2005-2420 · Software602 · 602Lan Suite

Published

2005-05-03

Updated

2008-09-05

CVE-2005-1423

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions: 602LAN SUITE version 2004.0.05.0413

Description: The issue allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. sequences in the A parameter. This is related to a directory traversal vulnerability in the mail program.

Recommendations: For version 2004.0.05.0413, consider restricting access to the mail program to minimize the risk of exploitation. Avoid using the A parameter in a way that could facilitate directory traversal until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1423

Affected Products

602Lan Suite

PT-2005-2420 · Software602 · 602Lan Suite

CVE-2005-1423

Related Identifiers

Affected Products

References · 4