CVE-2004-1444

NONE EPSS 94.5%
Published Dec 31, 200421y ago · Modified Jun 16, 20262w ago
Find Similar
Published Dec 31, 2004 21y ago
Last Modified Jun 16, 2026 2w ago

Description

Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request.

Threat Intelligence

EPSS Exploit Probability
94.5% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 46

VendorProductVersionRange
roundup-trackerroundup* ≤0.6.4
roundup-trackerroundup0.1.0any
roundup-trackerroundup0.1.1any
roundup-trackerroundup0.1.2any
roundup-trackerroundup0.1.3any
roundup-trackerroundup0.2.0any
roundup-trackerroundup0.2.1any
roundup-trackerroundup0.2.2any
roundup-trackerroundup0.2.3any
roundup-trackerroundup0.2.4any
roundup-trackerroundup0.2.5any
roundup-trackerroundup0.2.6any
roundup-trackerroundup0.2.7any
roundup-trackerroundup0.2.8any
roundup-trackerroundup0.3.0any
roundup-trackerroundup0.3.0any
roundup-trackerroundup0.3.0any
roundup-trackerroundup0.3.0any
roundup-trackerroundup0.4.0any
roundup-trackerroundup0.4.0any
roundup-trackerroundup0.4.0any
roundup-trackerroundup0.4.1any
roundup-trackerroundup0.4.2any
roundup-trackerroundup0.4.2any
roundup-trackerroundup0.5any
roundup-trackerroundup0.5.0any
roundup-trackerroundup0.5.0any
roundup-trackerroundup0.5.0any
roundup-trackerroundup0.5.0any
roundup-trackerroundup0.5.1any
roundup-trackerroundup0.5.2any
roundup-trackerroundup0.5.3any
roundup-trackerroundup0.5.4any
roundup-trackerroundup0.5.5any
roundup-trackerroundup0.5.6any
roundup-trackerroundup0.5.7any
roundup-trackerroundup0.5.8any
roundup-trackerroundup0.5.9any
roundup-trackerroundup0.6.0any
roundup-trackerroundup0.6.0any
roundup-trackerroundup0.6.0any
roundup-trackerroundup0.6.0any
roundup-trackerroundup0.6.0any
roundup-trackerroundup0.6.1any
roundup-trackerroundup0.6.2any
roundup-trackerroundup0.6.3any

References 7

Remediation

  • secunia.com http://secunia.com/advisories/11801/
    ExploitPatchVendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200408-09.xml
    Patch
  • securityfocus.com http://www.securityfocus.com/bid/10495
    ExploitPatch