Back to search
CVE-2007-4226
Published: Aug 8, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Directory traversal vulnerability in the BlueCat Networks Proteus IPAM appliance 2.0.2.0 (Adonis DNS/DHCP appliance 5.0.2.8) allows remote authenticated administrators, with certain TFTP privileges, to create and overwrite arbitrary files via a .. (dot dot) in a pathname. NOTE: this can be leveraged for administrative access by overwriting /etc/shadow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1018521
vdb-entry
x_refsource_SECTRACK
adonis-tftp-privilege-escalation(35807)
vdb-entry
x_refsource_XF
25214
vdb-entry
x_refsource_BID
ADV-2007-2840
vdb-entry
x_refsource_VUPEN
2986
third-party-advisory
x_refsource_SREASON
20070809 Re: TS-2007-002-0: BlueCat Networks Adonis root Privilege Access
mailing-list
x_refsource_BUGTRAQ
20070806 TS-2007-002-0: BlueCat Networks Adonis root Privilege Access
mailing-list
x_refsource_BUGTRAQ
39397
vdb-entry
x_refsource_OSVDB
26354
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now