Juniper Networks

Signature Detail


Short Name: HTTP:DIR:PARAMETER-TRAVERSE-1
Severity: Minor
Recommended: No
Category: HTTP
Keywords: Parameter Directory Traversal 1
Release Date: 2016/08/23
Update Number: 2771
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Parameter Directory Traversal 1


This signature detects directory traversal attempts within HTTP GET or POST form parameters. Attackers can exploit a poorly written CGI program to access or modify private files.

Extended Description

Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.

Affected Products

  • Redhat cloudforms_management_engine 5.1

References

  • BugTraq: 37692
  • BugTraq: 38925
  • BugTraq: 40179
  • BugTraq: 98535
  • BugTraq: 98522
  • BugTraq: 41031
  • BugTraq: 45112
  • BugTraq: 99330
  • BugTraq: 38731
  • BugTraq: 39200
  • BugTraq: 39237
  • BugTraq: 67779
  • CVE: CVE-2010-1060
  • CVE: CVE-2010-1999
  • CVE: CVE-2010-2129
  • CVE: CVE-2010-2507
  • CVE: CVE-2010-4282
  • CVE: CVE-2012-5330
  • CVE: CVE-2017-6621
  • CVE: CVE-2017-6635
  • CVE: CVE-2017-9812
  • CVE: CVE-2017-16598
  • CVE: CVE-2016-6600
  • CVE: CVE-2015-8249
  • CVE: CVE-2013-2068
  • CVE: CVE-2014-3440
  • CVE: CVE-2009-1911
  • CVE: CVE-2014-10001
  • CVE: CVE-2010-0943
  • CVE: CVE-2010-0953
  • CVE: CVE-2010-0972
  • CVE: CVE-2010-1057
  • CVE: CVE-2010-1058
  • CVE: CVE-2010-1306
  • CVE: CVE-2010-1313
  • CVE: CVE-2014-3914
  • URL: http://console-cowboys.blogspot.com/2014/03/the-curious-case-of-ninjamonkeypiratela.html
  • URL: https://blogs.securiteam.com/index.php/archives/2712
  • URL: https://community.rapid7.com/community/infosec/blog/2015/12/14/r7-2015-22-manageengine-desktop-central-9-fileuploadservlet-connectionid-vulnerability-cve-2015-8249
  • URL: http://seclists.org/fulldisclosure/2016/Aug/54

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.