CVE-2002-0430
Published: 2002-08-12
Priority: P4 | 17 | low | CVSS 2.0: 3.7
CVSS 2.0 vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 0.91% (55.4th percentile)
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
No detection rules found.
Exploit-DB
Cobalt RaQ 2.0/3.0/4.0 XTR - 'MultiFileUpload.php' Authentication Bypass (1)
exploitdb·2002-03-08
---
source: https://www.securityfocus.com/bid/4252/info
Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems.
The 'MultiFileUpload.php' script is not sufficiently protected from outside access. While other sensitive administrative scripts are protected with HTTP authentication, 'MultiFileUpload.php' is not. Remote clients may invoke the execution of this script without valid administrator credentials.
In doing so, it is possible for an attacker to upload files that are created on the server filesystem as any user.
Furthermore, the uploaded files are stored in '/tmp' with predictable filenames. If the attacker has local access to the system, this v
Exploit-DB
Cobalt RaQ 2.0/3.0/4.0 XTR - 'MultiFileUpload.php' Authentication Bypass (2)
exploitdb·2002-03-08
---
source: https://www.securityfocus.com/bid/4252/info
Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems.
The 'MultiFileUpload.php' script is not sufficiently protected from outside access. While other sensitive administrative scripts are protected with HTTP authentication, 'MultiFileUpload.php' is not. Remote clients may invoke the execution of this script without valid administrator credentials.
In doing so, it is possible for an attacker to upload files that are created on the server filesystem as any user.
Furthermore, the uploaded files are stored in '/tmp' with predictable filenames. If the attacker has local access to the system, this v
No writeups or analysis indexed.