 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2010-4282 |
| Description: | Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute arbitrary local files via (1) the page parameter to ajax.php or (2) the id parameter to general/pandora_help.php, and allow remote attackers to include and execute, create, modify, or delete arbitrary local files via (3) the layout parameter to operation/agentes/networkmap.php. |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-4282 BugTraq ID: 45112 http://www.securityfocus.com/bid/45112 Bugtraq: 20101130 Pandora FMS Authentication Bypass and Multiple Input Validation Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/514939/100/0/threaded http://www.exploit-db.com/exploits/15643 http://seclists.org/fulldisclosure/2010/Nov/326 http://osvdb.org/69543 http://osvdb.org/69544 http://osvdb.org/69545 http://secunia.com/advisories/42347 |