RSS   Podatności dla 'Surgeldap'   RSS

2004-12-31
 
CVE-2004-2254

 

 
SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter.

 
 
CVE-2004-2253

 

 
Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command.

 

 >>> Vendor: Netwin 12 Produkty
Dmail
Dnews
Cwmail
Dmailweb
Netauth
Surgeftp
Webmail
Webnews
Surgeldap
Surgemail
Dnewsweb
Smsgate


Copyright 2024, cxsecurity.com

 

Back to Top