Short Name |
HTTP:DIR:PARAMETER-TRAVERSE-1 |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
Parameter Directory Traversal 1 |
Release Date |
2016/08/23 |
Update Number |
2771 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects directory traversal attempts within HTTP GET or POST form parameters. Attackers can exploit a poorly-written CGI program to access or modify private files.
Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.