ID
VAR-E-201105-0567
EDB ID
35799
TITLE
Vordel Gateway 6.0.3 - Directory Traversal - Linux remote Exploit
Trust: 0.6
DESCRIPTION
Vordel Gateway 6.0.3 - Directory Traversal.. remote exploit for Linux platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | vordel | model: | gateway | scope: | eq | version: | 6.0.3 | Trust: 1.0 |
| vendor: | vordel | model: | limited vordel gateway | scope: | eq | version: | 6.0.3 | Trust: 0.3 |
| vendor: | vordel | model: | limited vordel gateway | scope: | ne | version: | 6.1 | Trust: 0.3 |
EXPLOIT
source: https://www.securityfocus.com/bid/47975/info
Vordel Gateway is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.
Vordel Gateway 6.0.3 is vulnerable; other versions may also be affected.
http://www.example.com:8090/manager/..%2f..%2f..%2f..%2f..%2f..%2fetc%2fshadow
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Directory Traversal
Trust: 1.0
CREDITS
Brian W. Gary
Trust: 0.6
EXTERNAL IDS
| db: | BID | id: | 47975 | Trust: 1.9 |
| db: | EXPLOIT-DB | id: | 35799 | Trust: 1.6 |
| db: | EDBNET | id: | 57197 | Trust: 0.6 |
REFERENCES
| url: | https://www.securityfocus.com/bid/47975/info | Trust: 1.0 |
| url: | https://www.exploit-db.com/exploits/35799/ | Trust: 0.6 |
| url: | http://www.vordel.com/ | Trust: 0.3 |
| url: | https://www.upsploit.com/index.php/advisories/view/ups-2011-0023 | Trust: 0.3 |
SOURCES
| db: | BID | id: | 47975 |
| db: | EXPLOIT-DB | id: | 35799 |
| db: | EDBNET | id: | 57197 |
LAST UPDATE DATE
2022-07-27T09:27:53.346000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 47975 | date: | 2011-05-25T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 47975 | date: | 2011-05-25T00:00:00 |
| db: | EXPLOIT-DB | id: | 35799 | date: | 2011-05-25T00:00:00 |
| db: | EDBNET | id: | 57197 | date: | 2011-05-25T00:00:00 |