Published: 08/08/2007 Updated: 15/10/2018

CVSS v2 Base Score: 7.1 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 715

Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C

Directory traversal vulnerability in the BlueCat Networks Proteus IPAM appliance 2.0.2.0 (Adonis DNS/DHCP appliance 5.0.2.8) allows remote authenticated administrators, with certain TFTP privileges, to create and overwrite arbitrary files via a .. (dot dot) in a pathname. NOTE: this can be leveraged for administrative access by overwriting /etc/shadow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bluecat networks adonis 5.0.2.8

source: wwwsecurityfocuscom/bid/25214/info BlueCat Networks Adonis devices are prone to a remote privilege-escalation vulnerability This issue occurs when Proteus appliances are used to upload files to an affected Adonis appliance for TFTP download An attacker with administrative privileges can exploit this issue to write arbitrary dat ...

NVD-CWE-Other http://www.securityfocus.com/bid/25214 http://securitytracker.com/id?1018521 http://marc.info/?l=bugtraq&m=118669433531027&w=2 http://secunia.com/advisories/26354 http://securityreason.com/securityalert/2986 http://osvdb.org/39397 http://www.vupen.com/english/advisories/2007/2840 https://exchange.xforce.ibmcloud.com/vulnerabilities/35807 http://www.securityfocus.com/archive/1/475667/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30454/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-4226

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect