Lucene search

MitreCVE-2005-3559

HistoryNov 16, 2005 - 7:42 a.m.

CVE-2005-3559

2005-11-1607:42:00

mitre

web.nvd.nist.gov

cve-2005-3559

directory traversal

vmail.cgi

asterisk

remote attack

wav files

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.043

Percentile

92.4%

JSON

Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a … (dot dot) in the folder parameter.

Affected configurations

Nvd

Node

digiumasteriskMatch0.1.0

digiumasteriskMatch0.1.1

digiumasteriskMatch0.1.2

digiumasteriskMatch0.1.3

digiumasteriskMatch0.1.4

digiumasteriskMatch0.1.5

digiumasteriskMatch0.1.6

digiumasteriskMatch0.1.7

digiumasteriskMatch0.1.8

digiumasteriskMatch0.1.9

digiumasteriskMatch0.1.10

digiumasteriskMatch0.1.11

digiumasteriskMatch0.1.12

digiumasteriskMatch0.2.0

digiumasteriskMatch0.3.0

digiumasteriskMatch0.4.0

digiumasteriskMatch0.5.0

digiumasteriskMatch0.7.0

digiumasteriskMatch0.7.1

digiumasteriskMatch0.7.2

digiumasteriskMatch1.0.0

digiumasteriskMatch1.0.1

digiumasteriskMatch1.0.2

digiumasteriskMatch1.0.3

digiumasteriskMatch1.0.4

digiumasteriskMatch1.0.5

digiumasteriskMatch1.0.6

digiumasteriskMatch1.0.7

digiumasteriskMatch1.0.8

digiumasteriskMatch1.0.9

digiumasteriskMatch1.0_rc1

digiumasteriskMatch1.0_rc2

digiumasteriskMatch1.2.0_beta1

VendorProductVersionCPE
digiumasterisk0.1.0cpe:2.3:a:digium:asterisk:0.1.0:*:*:*:*:*:*:*
digiumasterisk0.1.1cpe:2.3:a:digium:asterisk:0.1.1:*:*:*:*:*:*:*
digiumasterisk0.1.2cpe:2.3:a:digium:asterisk:0.1.2:*:*:*:*:*:*:*
digiumasterisk0.1.3cpe:2.3:a:digium:asterisk:0.1.3:*:*:*:*:*:*:*
digiumasterisk0.1.4cpe:2.3:a:digium:asterisk:0.1.4:*:*:*:*:*:*:*
digiumasterisk0.1.5cpe:2.3:a:digium:asterisk:0.1.5:*:*:*:*:*:*:*
digiumasterisk0.1.6cpe:2.3:a:digium:asterisk:0.1.6:*:*:*:*:*:*:*
digiumasterisk0.1.7cpe:2.3:a:digium:asterisk:0.1.7:*:*:*:*:*:*:*
digiumasterisk0.1.8cpe:2.3:a:digium:asterisk:0.1.8:*:*:*:*:*:*:*
digiumasterisk0.1.9cpe:2.3:a:digium:asterisk:0.1.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
digium	asterisk	0.1.0	cpe:2.3:a:digium:asterisk:0.1.0:::::::*
digium	asterisk	0.1.1	cpe:2.3:a:digium:asterisk:0.1.1:::::::*
digium	asterisk	0.1.2	cpe:2.3:a:digium:asterisk:0.1.2:::::::*
digium	asterisk	0.1.3	cpe:2.3:a:digium:asterisk:0.1.3:::::::*
digium	asterisk	0.1.4	cpe:2.3:a:digium:asterisk:0.1.4:::::::*
digium	asterisk	0.1.5	cpe:2.3:a:digium:asterisk:0.1.5:::::::*
digium	asterisk	0.1.6	cpe:2.3:a:digium:asterisk:0.1.6:::::::*
digium	asterisk	0.1.7	cpe:2.3:a:digium:asterisk:0.1.7:::::::*
digium	asterisk	0.1.8	cpe:2.3:a:digium:asterisk:0.1.8:::::::*
digium	asterisk	0.1.9	cpe:2.3:a:digium:asterisk:0.1.9:::::::*