CVE-2008-0457
CVE-2008-0457
Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
Productos afectados
n/a · n/aPoCs públicas encontradas — 2
cve_referencewww.exploit-db.com/exploits/5078no verificadoexploitdbwww.exploit-db.com/exploits/31072no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://secunia.com/advisories/28787http://seer.entsupport.symantec.com/docs/297171.htmhttps://www.exploit-db.com/exploits/5078http://www.securityfocus.com/archive/1/487688/100/0/threadedhttp://www.securityfocus.com/bid/27487http://www.securitytracker.com/id?1019303http://www.symantec.com/avcenter/security/Content/2008.02.04.htmlhttp://www.vupen.com/english/advisories/2008/0413http://www.zerodayinitiative.com/advisories/ZDI-08-003.html