NVD

Id
57742  
Name
CVE-2007-5685  
Description
The safe_path function in shttp before 0.0.5 allows remote attackers to conduct directory traversal attacks and read files via a combination of ".." and sub-directory specifiers that resolve to a pathname that is at or below the same level as the web document root, but in a different part of the directory tree.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-07  
Published
2007-10-28  
Modified Date
2008-11-15  
Seq
2007-5685  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
295486 57742 CVE-2007-5685 http://serverkit.org/modules/contrib/shttp/shttp-0.0.5.tar.gz  View
295487 57742 CVE-2007-5685 http://www.digineo.co.uk/shttp_directory_traversal  View
295488 57742 CVE-2007-5685 20071025 Directory traversal flaw in shttp  View
295489 57742 CVE-2007-5685 26212  View
295490 57742 CVE-2007-5685 shttp-safepath-directory-traversal(37455)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
57571 JVNDB-2007-006263 shttp の safe_path 関数におけるディレクトリトラバーサル攻撃を実行される脆弱性 shttp の safe_path 関数には、ディレクトリトラバーサル攻撃を実行される、およびファイルを読み取られる脆弱性が存在します。 CVE-2007-5685 29040 CVE-2007-5685 57742 5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-006263.html 2007-10-28 2012-12-20 View