Back to search
CVE-2006-3426
Published: Jul 7, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and earlier allows remote attackers to overwrite arbitrary files and directories via a .. (dot dot) sequence in the (1) action, (2) agentid, or (3) index parameters to dagent/nwupload.asp, which are used as pathname components.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20060629 Multiple Vulnerabilities in PatchLink Update Server 6
mailing-list
x_refsource_FULLDISC
18732
vdb-entry
x_refsource_BID
20060629 Multiple Vulnerabilities in PatchLink Update Server 6
mailing-list
x_refsource_BUGTRAQ
20876
third-party-advisory
x_refsource_SECUNIA
20878
third-party-advisory
x_refsource_SECUNIA
1200
third-party-advisory
x_refsource_SREASON
ADV-2006-2596
vdb-entry
x_refsource_VUPEN
ADV-2006-2595
vdb-entry
x_refsource_VUPEN
1016405
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now