CVE-2009-1526

NONE EPSS 42.1%
Published May 5, 200917y ago · Modified Jun 16, 20262w ago
Find Similar
Published May 5, 2009 17y ago
Last Modified Jun 16, 2026 2w ago

Description

JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.

Threat Intelligence

EPSS Exploit Probability
42.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-59

Affected Products 1

VendorProductVersionRange
directadmindirectadmin* <1.33.4

References 4

  • archives.neohapsis.com http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0228.html
    Broken Link
  • osvdb.org http://osvdb.org/54014
    Broken Link
  • secunia.com http://secunia.com/advisories/34861
    Vendor Advisory
  • directadmin.com http://www.directadmin.com/features.php?id=968
    Release NotesVendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.