Full Disclosure mailing list archives
[Advisory] * x Thu Mar 16 14:30:03 EST 2006 x * Directory Transversal in Tripwire
From: Andrew Haninger <ahaning () gmail com>
Date: Thu, 16 Mar 2006 19:30:11 +0000 (GMT)
[Advisory] * x Thu Mar 16 14:30:03 EST 2006 x * Directory Transversal in Tripwire +++++++++++++ 1. Description +++++++++++++ Remote exploitation of a directory traversal vulnerability in Tripwire could allow attackers to overwrite or view arbitrary files with user-supplied contents. +++++++++++++ 2. History +++++++++++++ 2/26/2006 - Vendor Notification. 1/10/2006 - Vendor Reply. 3/16/2006 - Public Disclosure. +++++++++++++ 3. CVE Information +++++++++++++ The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-174086 to this issue +++++++++++++ Appendix A Vendor Information +++++++++++++ http://www.tripwire.com/ +++++++++++++ Appendix B References +++++++++++++ RFC 7423 +++++++++++++ Contact +++++++++++++ Andrew Haninger lolville () spam la 1-888-565-9428 BEWARE THE JIZZTAPO!!! .. _ .' `. /\) / / / / /\ \ \ / \ _ \ \/ /\ \ (/\ \ / \ \ \ \ / \ (Y ) \ \/ /\ \ "" \ / \ \ \/ / / / / ( Y) "" CSFA GREM GIPS CAP SSCP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [Advisory] * x Thu Mar 16 14:30:03 EST 2006 x * Directory Transversal in Tripwire Andrew Haninger (Mar 16)