CVE-2004-1444

Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:roundup-tracker:roundup:*:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:b1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.2:pr1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.3.0:pre3:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.7:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.8:stable:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.6:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.0:beta1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.0:b1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.8:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:b4:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.3.0:pre1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.0:beta2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.3.0:pre2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.7:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:b3:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:b2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.6:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.0:b2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.9:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.0:pr1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.4:*:*:*:*:*:*:*

Information

Published : 2004-12-30 21:00

Updated : 2017-07-10 18:31


NVD link : CVE-2004-1444

Mitre link : CVE-2004-1444


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

roundup-tracker

  • roundup