ID de Prueba:	1.3.6.1.4.1.25623.1.0.12271
Categoría:	CGI abuses
Título:	Crystal Report virtual directory traversal
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running a version of Crystal Report Web interface which is vulnerable to a remote directory traversal bug. An attacker exploiting this bug would be able to gain access to potentially confidential material outside of the web root. For more information, see: http://support.businessobjects.com/fix/hot/critical/bulletins/security_bulletin_june04.asp If you use Crystal Reports through a Microsoft product, see also : http://www.microsoft.com/technet/security/bulletin/MS04-017.mspx Solution: Upgrade the software or utilize ACLs on the virtual directory Risk factor : High
Referencia Cruzada:	BugTraq ID: 10260 Common Vulnerability Exposure (CVE) ID: CVE-2004-0204 http://www.securityfocus.com/bid/10260 Bugtraq: 20040502 Crystal Reports Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=108360413811017&w=2 Bugtraq: 20040608 Vulnerability: Arbitrary File Access & DoS in Crystal Reports (Google Search) http://marc.info/?l=bugtraq&m=108671836127360&w=2 Microsoft Security Bulletin: MS04-017 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-017 http://www.osvdb.org/6748 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1157 http://secunia.com/advisories/11800 XForce ISS Database: crystalreports-file-deletion(16044) https://exchange.xforce.ibmcloud.com/vulnerabilities/16044
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.