Back to search
CVE-2007-4061
Published: Jul 30, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the saveNessusRC method, which writes text specified by the addsetConfig method, possibly related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll. NOTE: this can be leveraged for code execution by writing to a Startup folder.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.nessus.org/news/
x_refsource_MISC
4237
exploit
x_refsource_EXPLOIT-DB
nessus-scanctrl-file-overwrite(35641)
vdb-entry
x_refsource_XF
26243
third-party-advisory
x_refsource_SECUNIA
25088
vdb-entry
x_refsource_BID
ADV-2007-2702
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now