Directory Traversal Vulnerability in IBM Director Software
CVE-2006-4681

Currently unrated

Key Information:

Vendor: IBM
Status: Director
Vendor: CVE Published:; 11 September 2006

Summary

A directory traversal vulnerability exists in Redirect.bat of IBM Director prior to version 5.10, enabling remote attackers to access arbitrary files on the server by exploiting a '..' (dot dot) sequence in the file parameter. This flaw can lead to unauthorized disclosure of sensitive information, as attackers can manipulate the file path to traverse the directory structure and read restricted files.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/28836

vdb-entryx_refsource_XF

ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers_pdf/dir5....

vendor-advisoryx_refsource_AIXAPAR

http://securitytracker.com/id?1016815

vdb-entryx_refsource_SECTRACK

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 11, 2006
Vulnerability Reserved
Sep 11, 2006