CVE-2004-1444
published 2004-12-31CVE-2004-1444: Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in…
PriorityP335medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
8.79%
94.5th percentile
Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request.
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| roundup-tracker | roundup | <= 0.6.4 | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
| roundup-tracker | roundup | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Roundup Directory traversal vulnerability
ghsa·2022-04-29
CVE-2004-1444 [MEDIUM] CWE-22 Roundup Directory traversal vulnerability
Roundup Directory traversal vulnerability
Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via `..` (dot dot) sequences in an `@@` command in an HTTP GET request.
OSV
Roundup Directory traversal vulnerability
osv·2022-04-29
CVE-2004-1444 [MEDIUM] Roundup Directory traversal vulnerability
Roundup Directory traversal vulnerability
Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via `..` (dot dot) sequences in an `@@` command in an HTTP GET request.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.nl/0406-exploits/roundUP.txthttp://secunia.com/advisories/11801/http://securitytracker.com/id?1010415http://sourceforge.net/tracker/index.php?func=detail&aid=961511&group_id=31577&atid=402788http://www.gentoo.org/security/en/glsa/glsa-200408-09.xmlhttp://www.securityfocus.com/bid/10495https://exchange.xforce.ibmcloud.com/vulnerabilities/16350http://packetstormsecurity.nl/0406-exploits/roundUP.txthttp://secunia.com/advisories/11801/http://securitytracker.com/id?1010415http://sourceforge.net/tracker/index.php?func=detail&aid=961511&group_id=31577&atid=402788http://www.gentoo.org/security/en/glsa/glsa-200408-09.xmlhttp://www.securityfocus.com/bid/10495https://exchange.xforce.ibmcloud.com/vulnerabilities/16350
2004-12-31
Published