SecuritySpace - CVE-2011-2757

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2011-2757

Description: Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0.0.12 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the FILENAME parameter. NOTE: this might overlap the US-CERT VU#543310 issue.

Test IDs: 1.3.6.1.4.1.25623.1.0.103184

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-2757
http://www.exploit-db.com/exploits/17503/

CVE ID:	CVE-2011-2757
Description:	Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0.0.12 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the FILENAME parameter. NOTE: this might overlap the US-CERT VU#543310 issue.
Test IDs:	1.3.6.1.4.1.25623.1.0.103184
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2757 http://www.exploit-db.com/exploits/17503/