CVE-2004-2464
published 2004-12-31CVE-2004-2464: Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded "..//"…
PriorityP428medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.51%
87.7th percentile
Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded "..//" sequences ("%2e%2e%2f%2f"). NOTE: it was later reported that 0.6.21 and earlier is also affected.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ada | imgsvr | — | — |
| ada | imgsvr | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x8mw-87h3-52hg: Directory traversal vulnerability in Ada Image Server (ImgSvr) 0
ghsa_unreviewed·2022-05-01·CVSS 5.0
CVE-2007-3714 [MEDIUM] GHSA-x8mw-87h3-52hg: Directory traversal vulnerability in Ada Image Server (ImgSvr) 0
Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter to the default URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this is probably a different issue than CVE-2004-2464. NOTE: it was later reported that 0.6.21 and earlier is also affected.
GHSA
GHSA-wwmr-ccvg-gjg3: Directory traversal vulnerability in ADA Image Server (ImgSvr) 0
ghsa_unreviewed·2022-04-29
CVE-2004-2464 [MEDIUM] GHSA-wwmr-ccvg-gjg3: Directory traversal vulnerability in ADA Image Server (ImgSvr) 0
Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded "..//" sequences ("%2e%2e%2f%2f"). NOTE: it was later reported that 0.6.21 and earlier is also affected.
No detection rules found.
No writeups or analysis indexed.
http://members.lycos.co.uk/r34ct/main/ADA%20Image%20Server%20%28ImgSvr%29%200.4.txthttp://secunia.com/advisories/11287http://www.osvdb.org/4946http://www.securityfocus.com/archive/1/485490/100/100/threadedhttp://www.securityfocus.com/bid/10048https://exchange.xforce.ibmcloud.com/vulnerabilities/16680http://members.lycos.co.uk/r34ct/main/ADA%20Image%20Server%20%28ImgSvr%29%200.4.txthttp://secunia.com/advisories/11287http://www.osvdb.org/4946http://www.securityfocus.com/archive/1/485490/100/100/threadedhttp://www.securityfocus.com/bid/10048https://exchange.xforce.ibmcloud.com/vulnerabilities/16680
2004-12-31
Published