漏洞信息详情

Mega Upload Progress Bar未明文件上传漏洞

  • CNNVD编号:CNNVD-200412-1127
  • 危害等级: 中危
  • CVE编号: CVE-2004-2743
  • 漏洞类型: 权限许可和访问控制
  • 发布时间: 2004-12-31
  • 威胁类型: 远程
  • 更新时间: 2007-10-10
  • 厂        商: raditha_dissanayake
  • 漏洞来源: raditha_dissanayake

漏洞简介

Mega Upload Progress Bar 1.45之前版本的upload.cgi存在漏洞。远程攻击者借助与上传文件名相关的未明参数复制或者覆盖任意文件。

漏洞公告

The vendor has released Mega Upload Progress Bar 1.45 to address this issue. Mega Upload Progress Bar Mega Upload Progress Bar 1.30

Mega Upload Progress Bar Mega Upload Progress Bar 1.35 Mega Upload Progress Bar Mega Upload Progress Bar 1.43 Mega Upload Progress Bar Mega Upload Progress Bar 1.44

参考网址

来源: www.raditha.com 链接:http://www.raditha.com/blog/archives/000547.html 来源: SECUNIA 名称: 12993 链接:http://secunia.com/advisories/12993 来源: XF 名称: megaupload-upload(17882) 链接:http://xforce.iss.net/xforce/xfdb/17882 来源: BID 名称: 11547 链接:http://www.securityfocus.com/bid/11547 来源: OSVDB 名称: 11171 链接:http://www.osvdb.org/11171 来源: sourceforge.net 链接:http://sourceforge.net/project/shownotes.php?release_id=277989 来源: SECTRACK 名称: 1011960 链接:http://securitytracker.com/id?1011960

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多