← back
CVE-2009-1526

CVE-2009-1526

EPSS 0.6%
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0228.htmlhttp://osvdb.org/54014http://secunia.com/advisories/34861http://www.directadmin.com/features.php?id=968