 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.101004 |
| Kategorie: | Windows : Microsoft Bulletins |
| Titel: | Microsoft IIS Directory Traversal Vulnerability (MS04-017) - Active Check |
| Zusammenfassung: | A directory traversal vulnerability exists in Crystal Reports; and Crystal Enterprise from Business Objects that runs on Microsoft IIS which could allow; information disclosure and denial of service attacks on an affected system. |
| Beschreibung: | Summary: A directory traversal vulnerability exists in Crystal Reports and Crystal Enterprise from Business Objects that runs on Microsoft IIS which could allow information disclosure and denial of service attacks on an affected system. Vulnerability Impact: An attacker who successfully exploited the vulnerability could retrieve and delete files through the Crystal Reports and Crystal Enterprise Web interface on an affected system. Solution: Microsoft has released a patch to fix this issue. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0204 BugTraq ID: 10260 http://www.securityfocus.com/bid/10260 Bugtraq: 20040502 Crystal Reports Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=108360413811017&w=2 Bugtraq: 20040608 Vulnerability: Arbitrary File Access & DoS in Crystal Reports (Google Search) http://marc.info/?l=bugtraq&m=108671836127360&w=2 Microsoft Security Bulletin: MS04-017 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-017 http://www.osvdb.org/6748 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1157 http://secunia.com/advisories/11800 XForce ISS Database: crystalreports-file-deletion(16044) https://exchange.xforce.ibmcloud.com/vulnerabilities/16044 |
| Copyright | Copyright (C) 2009 Christian Eric Edjenguele |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |