CVE-2012-1047
Published 2012-02-12
Priority P3 · 46 · high · 7.5 CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS 2.74% · 84.3th percentile
Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter in an Online_help action.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cyberoam | cyberoam_central_console | — | — |
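CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_redhat | — | 9.8 | CRITICAL | — |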
GHSA
ghsa_unreviewed·2022-05-17
CVE-2012-1047 [HIGH] CWE-22 GHSA-mmqw-m38j-rfmq: Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp
Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter in an Online_help action.
Red Hat
crypt(): DES encrypted password weakness
vendor_redhat·2012-05-30·CVSS 4.3
CVE-2012-2143 [MEDIUM] crypt(): DES encrypted password weakness
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.
Statement: This issue did not affect the version of php as shipped with Red Hat Enterprise Linux 5 as it did not include FreeSec's libcrypt cryptographic algorithms implementation yet. This issue was addressed in php53 package for Red Hat Enterprise Linux 5 via RHSA-2012:1047 and in php package for Red Hat Enterprise Linux 6 via RHSA-2012:1046.
Red Hat
php: Integer overflow leading to heap-buffer overflow in the Phar extension
vendor_redhat·2012-05-21·CVSS 7.5
CVE-2012-2386 [HIGH] CWE-190 php: Integer overflow leading to heap-buffer overflow in the Phar extension
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
Statement: This issue did not affect the version of php as shipped with Red Hat Enterprise Linux 5 as it did not include support for phar extension yet. This issue was addressed in php53 package for Red Hat Enterprise Linux 5 via RHSA-2012:1047 and in php package for Red Hat Enterprise Linux 6 via RHSA-2012:1046.
Package: php (Red Hat Enterprise Linux 5) - Not affected
Red Hat
php: incomplete CVE-2012-1823 fix - insecure wrapper
vendor_redhat·2012-05-03·CVSS 9.8
CVE-2012-2335 [CRITICAL] php: incomplete CVE-2012-1823 fix - insecure wrapper
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.
Statement: The mitigation for CVE-2012-2335 is included in the following PHP updates for Red Hat Enterprise Linux 5 and 6, which also address CVE-2012-2336 (BZ#820708):
https://rhn.redhat.com/errata/RHSA-2012-1045.html
https://rhn.redhat.com/errata/RHSA-2012-1046.html
https://rhn.redhat.com/errata/RHSA-2012-1047.html
Package: php (Red Hat Enterprise Linux 4) - Not affected
Package: php (Red Hat Enterprise Linux 5) - Affected
Pac
No detection rules found.
http://archives.neohapsis.com/archives/bugtraq/2012-02/0036.html
http://www.exploit-db.com/exploits/18473
http://www.securityfocus.com/bid/51901
http://www.vulnerability-lab.com/get_content.php?id=405