OSVDB ID: 39746

Title: activeWeb contentserver Restricted Account Arbitrary File Creation

Info

Disclosure

Jul 13, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Classification

Location: Remote / Network Access
Impact: Loss of Integrity
Solution: Upgrade
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 5.6.2964 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

CVE ID: 2007-3018 (see also: NVD)
Bugtraq ID: 24900
Secunia Advisory ID: 26063
ISS X-Force ID: 35400
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-07/0131.html
Other Advisory URL: http://securityreason.com/securityalert/2899
http://www.redteam-pentesting.de/advisories/rt-sa-2007-007.php

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/39746