Published: 14/03/2008 Updated: 11/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields taken from packets from a remote peer, which allows remote malicious users to generate crafted log entries, and possibly avoid detection of attacks, via modified (1) computer name, (2) user name, and (3) IP address fields.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netopia timbuktu pro 8.6.5

# Core Security Technologies - CoreLabs Advisory # wwwcoresecuritycom/corelabs # Title: Timbuktu Pro Remote Path Traversal and Log Injection # Advisory ID: CORE-2008-0204 # Advisory URL: wwwcoresecuritycom/?action=item&id=2166 # Date published: 2008-03-11 # Date of last update: 2008-03-11 # Vendors contacted: Motorola # Rele ...

Core Security Technologies Advisory - Timbuktu Pro suffers from remote path traversal and log injection vulnerabilities ...

CWE-20 http://www.coresecurity.com/?action=item&id=2166 http://www.securityfocus.com/bid/28081 http://secunia.com/advisories/29316 http://securityreason.com/securityalert/3742 https://exchange.xforce.ibmcloud.com/vulnerabilities/41330 https://www.exploit-db.com/exploits/5238 http://www.securityfocus.com/archive/1/489414/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/5238/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1118

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect