Full Disclosure mailing list archives

-ADVISORY- * -Thu Mar 16 13:55:34 EST 2006- * Directory Transversal in Ethereal

From: psirt () cisco com
Date: Thu, 16 Mar 2006 18:55:39 +0000 (GMT)




-ADVISORY- * -Thu Mar 16 13:55:34 EST 2006- * Directory Transversal in Ethereal




8=========================D~~~~~~~~
o/ å DESCRIPTION
8=========================D~~~~~~~~
Remote exploitation of a directory traversal vulnerability in Ethereal could allow attackers to overwrite or view 
arbitrary files with user-supplied contents.

8=========================D~~~~~~~~
å \o HISTORY
8=========================D~~~~~~~~
2/16/2006 o/ Vendor Notification.
3/16/2006 o/ Public Disclosure.
8=========================D~~~~~~~~
o/ å WORKAROUND
8=========================D~~~~~~~~
There has had been no workarounds regarding the vulnerability indentified.
8=========================D~~~~~~~~
å \o CVE INFORMATION
8=========================D~~~~~~~~
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-316773 to this issue


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

-ADVISORY- * -Thu Mar 16 13:55:34 EST 2006- * Directory Transversal in Ethereal psirt (Mar 16)