Polycom ViewStation Unicode目录遍历漏洞

漏洞信息详情

Polycom ViewStation Unicode目录遍历漏洞

• CNNVD编号：CNNVD-200301-011
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2002-0627
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2003-01-07
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-13
  
• 厂        商：
  
  polycom
• 漏洞来源：
  Discovery of this …

Polycom ViewStation 7.2.4之前版本的web服务器存在漏洞。远程攻击者可以借助Unicode编码的请求绕过认证且读取文件。

This issue has been addressed in ViewStation FX/VS4000 4.2. Fixes for other products are scheduled for later release. Those affected by this issue should contact the vendor about obtaining fixes.

来源: CIAC
名称: M-123
链接:http://www.ciac.org/ciac/bulletins/m-123.shtml

来源: BID
名称: 5632
链接:http://www.securityfocus.com/bid/5632

来源: www.polycom.com
链接:http://www.polycom.com/common/pw_item_show_doc/0,,1444,00.pdf

来源: XF
名称: viewstation-unicode-retrieve-password(9348)
链接:http://www.iss.net/security_center/static/9348.php

来源: ISS
名称: 20020904 Multiple Remote Vulnerabilities in Polycom Videoconferencing Products
链接:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089