OpenCVE

Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter these strings and collapse into .. (dot dot) sequences.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ledgersmb	Ledgersmb
Sql-ledger	Sql-ledger

Configuration 1 [-]

OR	cpe:2.3:a:ledgersmb:ledgersmb::::::::
	cpe:2.3:a:sql-ledger:sql-ledger:2.6.25:::::::*

No data.

References

Link	Providers
http://osvdb.org/33619
http://osvdb.org/33621
http://secunia.com/advisories/24363
http://secunia.com/advisories/24366
http://securityreason.com/securityalert/2381
http://securitytracker.com/id?1017715
http://www.securityfocus.com/archive/1/461630/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/32776

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-07T21:00:00

Updated: 2024-08-07T12:50:35.165Z

Reserved: 2007-03-07T00:00:00

Link: CVE-2007-1329

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-03-07T21:19:00.000

Modified: 2024-11-21T00:28:02.693

Link: CVE-2007-1329

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-01T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter these strings and collapse into .. (dot dot) sequences."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "24363", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24363"}, {"name": "33619", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33619"}, {"name": "33621", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33621"}, {"name": "20070301 Full disclosure: Directory Transversal and Arbitrary Code Execution Vulnerability in SQL-Ledger and LedgerSMB", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/461630/100/0/threaded"}, {"name": "2381", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/2381"}, {"name": "24366", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24366"}, {"name": "sqlledger-userpathmemberfile-dir-traversal(32776)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32776"}, {"name": "1017715", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017715"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1329", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter these strings and collapse into .. (dot dot) sequences."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "24363", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24363"}, {"name": "33619", "refsource": "OSVDB", "url": "http://osvdb.org/33619"}, {"name": "33621", "refsource": "OSVDB", "url": "http://osvdb.org/33621"}, {"name": "20070301 Full disclosure: Directory Transversal and Arbitrary Code Execution Vulnerability in SQL-Ledger and LedgerSMB", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/461630/100/0/threaded"}, {"name": "2381", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2381"}, {"name": "24366", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24366"}, {"name": "sqlledger-userpathmemberfile-dir-traversal(32776)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32776"}, {"name": "1017715", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017715"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:50:35.165Z"}, "title": "CVE Program Container", "references": [{"name": "24363", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24363"}, {"name": "33619", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/33619"}, {"name": "33621", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/33621"}, {"name": "20070301 Full disclosure: Directory Transversal and Arbitrary Code Execution Vulnerability in SQL-Ledger and LedgerSMB", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/461630/100/0/threaded"}, {"name": "2381", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/2381"}, {"name": "24366", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24366"}, {"name": "sqlledger-userpathmemberfile-dir-traversal(32776)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32776"}, {"name": "1017715", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017715"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1329", "datePublished": "2007-03-07T21:00:00", "dateReserved": "2007-03-07T00:00:00", "dateUpdated": "2024-08-07T12:50:35.165Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", "matchCriteriaId": "17E0DA0F-6168-4BAD-8CA1-F867886A6546", "versionEndIncluding": "1.1.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.25:*:*:*:*:*:*:*", "matchCriteriaId": "7EC85020-344F-4B75-A79E-CA190FD8D335", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter these strings and collapse into .. (dot dot) sequences."}, {"lang": "es", "value": "Vulnerabilidad de escalado de directorio en SQL-Ledger, y LedgerSMB versiones anteriores a 1.1.5, permite a atacantes remotos leer y sobre-escribir ficheros de su elecci\u00f3n, y ejecutar c\u00f3digo de su elecci\u00f3n mediante caracteres . (punto) adyacentes a cadenas (1) users y (2) users/members, que son eliminadas por funciones lista-negra que filtran dichas cadenas y las reducen en secuencias .. (punto punto)."}], "id": "CVE-2007-1329", "lastModified": "2024-11-21T00:28:02.693", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-07T21:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/33619"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/33621"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24363"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24366"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2381"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017715"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/461630/100/0/threaded"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32776"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/33619"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/33621"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24363"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24366"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2381"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1017715"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/461630/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32776"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}