← back
CVE-2004-1678

CVE-2004-1678

EPSS 7.2%
Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/24591unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=109509026406554&w=2http://secunia.com/advisories/12512https://exchange.xforce.ibmcloud.com/vulnerabilities/19712http://www.securityfocus.com/bid/11160