Full Disclosure mailing list archives
[ADVISORY] | -Thu Mar 16 13:37:09 EST 2006- | Directory Transversal in ISC INN
From: sixsigma98 () hotmail com
Date: Thu, 16 Mar 2006 18:37:16 +0000 (GMT)
[ADVISORY] | -Thu Mar 16 13:37:09 EST 2006- | Directory Transversal in ISC INN =================== 1. Background =================== There has had been no background commentary on this problem indentified. =================== 2. Description =================== Remote exploitation of a directory traversal vulnerability in ISC INN could allow attackers to overwrite or view arbitrary files with user-supplied contents. =================== 3. History =================== 2-26-2006 - Vendor Notification. 1-15-2006 - Vendor Reply. 3-16-2006 - Public Disclosure. =================== 4. Workaround =================== This vulnerability has no identified workarounds. =================== 5. CVE Information =================== The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-665571 to this issue =================== Appendix A Vendor Information =================== http://www.isc.org/index.pl?/sw/inn/ =================== Appendix B References =================== RFC 1100 =================== Contact =================== Ray P lolville () spam la 1-888-565-9428 GSAE GREM SSP-CNSA SSP-MPA GIPS GHTQ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [ADVISORY] | -Thu Mar 16 13:37:09 EST 2006- | Directory Transversal in ISC INN sixsigma98 (Mar 16)