Test Kennung:	1.3.6.1.4.1.25623.1.0.902253
Kategorie:	Web application abuses
Titel:	YelloSoft Pinky Directory Traversal Vulnerability
Zusammenfassung:	This host is running YelloSoft Pinky and is prone to Directory;Traversal vulnerability.
Beschreibung:	Summary: This host is running YelloSoft Pinky and is prone to Directory Traversal vulnerability. Vulnerability Insight: Input passed via the URL is not properly verified before being used to read files. This can be exploited to download arbitrary files via directory traversal attacks. Vulnerability Impact: Successful exploitation will allow attacker to gain information about directory and file locations. Affected Software/OS: Yellosoft pinky version 1.0 and prior on windows. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3487 http://packetstormsecurity.org/1009-exploits/pinky10-traversal.txt http://www.johnleitch.net/Vulnerabilities/Pinky.1.0.Directory.Traversal/42 http://www.osvdb.org/68141 http://secunia.com/advisories/41538
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.