Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitrary files or create arbitrary directories via a ..\ (dot dot backslash) sequence in the dir parameter to /drive/c/bdusers/USER/.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-12-12T00:00:00
Updated: 2024-08-07T16:02:36.565Z
Reserved: 2007-12-11T00:00:00
Link: CVE-2007-6317
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-12-12T00:46:00.000
Modified: 2024-11-21T00:39:51.420
Link: CVE-2007-6317
Redhat
No data.