|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Misc. >> Hobbit Monitor config Command Directory Traversal Vulnerability Vulnerability Assessment Details
|
Hobbit Monitor config Command Directory Traversal Vulnerability |
||
|
Tries to read a local file using hobbitd Detailed Explanation for this Vulnerability Assessment Summary : The remote server is affected by an information disclosure vulnerability. Description : The version of the Hobbit Monitor daemon installed on the remote host does not properly filter the argument to the 'config' command of directory traversal sequences. An unauthenticated attacker can leverage this flaw to retrieve arbitrary files from the affected host subject to the rights of the user id under which hobbitd runs. See also : http://www.securityfocus.com/archive/1/442036/30/0/threaded Solution : Upgrade to Hobbit version 4.1.2p2 or later. Network Security Threat Level: Low / CVSS Base Score : 2.3 (AV:R/AC:L/Au:NR/C:P/I:N/A:N/B:N) Networks Security ID: 19317 Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security |
||
|
Hubs |
|
||
|
No Discussions have been posted on this vulnerability. |