Back to search
CVE-2004-2478
Published: Aug 21, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange before 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
12703
third-party-advisory
x_refsource_SECUNIA
ADV-2006-3873
vdb-entry
x_refsource_VUPEN
11330
vdb-entry
x_refsource_BID
http://www-1.ibm.com/support/docview.wss?uid=swg21178665
x_refsource_MISC
22229
third-party-advisory
x_refsource_SECUNIA
1016975
vdb-entry
x_refsource_SECTRACK
20061003 [CAID 34661]: CA Unicenter WSDM File System Read Access Vulnerability
mailing-list
x_refsource_BUGTRAQ
20061003 [CAID 34661]: CA Unicenter WSDM File System Read Access Vulnerability
mailing-list
x_refsource_FULLDISC
1011545
vdb-entry
x_refsource_SECTRACK
trading-partner-gain-access(17600)
vdb-entry
x_refsource_XF
10490
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now