Lucene search

MitreCVE-2005-2731

HistoryAug 30, 2005 - 11:45 a.m.

CVE-2005-2731

2005-08-3011:45:00

mitre

web.nvd.nist.gov

cve

2005

2731

directory traversal

vulnerability

astaro security linux

webmin

remote authenticated

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

53.2%

JSON

Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a … (dot dot) in the wfe_download parameter to index.fpl.

Affected configurations

Nvd

Node

astarosecurity_linuxMatch6.001

VendorProductVersionCPE
astarosecurity_linux6.001cpe:2.3:o:astaro:security_linux:6.001:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
astaro	security_linux	6.001	cpe:2.3:o:astaro:security_linux:6.001:::::::*

References

marc.info/?l=bugtraq&m=112501186602731&w=2

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

53.2%

JSON

Related for CVE-2005-2731