Directory Traversal Vulnerability in SurgeLDAP by SurgeWorks
CVE-2004-2253

Currently unrated

Key Information:

Vendor

Netwin

Status
Surgeldap
Vendor
CVE Published:
31 December 2004

What is CVE-2004-2253?

A directory traversal vulnerability exists in the user.cgi script of SurgeLDAP 1.0g and earlier. This flaw allows remote attackers to manipulate the page parameter in the show command, enabling them to access arbitrary files on the system by using the '..' (dot-dot) notation. Such exploitation could lead to unauthorized access to sensitive information and system files, posing a significant risk to the security of affected installations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/10103
vdb-entryx_refsource_BID
http://members.lycos.co.uk/r34ct/main/SurgeLDAP%201.0g.txt
x_refsource_MISC
http://secunia.com/advisories/11343
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.