Best Software SalesLogix几个远程漏洞

漏洞信息详情

Best Software SalesLogix几个远程漏洞

• CNNVD编号：CNNVD-200410-025
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-1612
  
• 漏洞类型：
  
  
  路径遍历
  
• 发布时间：
  
  2004-10-18
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  saleslogix_corporation
• 漏洞来源：
  .’);”>Disclosure of thes…

SalesLogix 6.1版本存在目录遍历漏洞。远程攻击者可以ProcessQueueFile请求的借助..(点 点)下载任意文件。

Updates have been released that resolve these issues. These updates are reportedly available to registered customers through the vendor’s support portal. Please see the referenced support page for more information.

来源: XF
名称: saleslogix-processqueuefile-file-upload(17765)
链接:http://xforce.iss.net/xforce/xfdb/17765

来源: BID
名称: 11450
链接:http://www.securityfocus.com/bid/11450

来源: SECUNIA
名称: 12883
链接:http://secunia.com/advisories/12883

来源: BUGTRAQ
名称: 20041018 Multiple vulnerabilities in Sage Saleslogix
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=109811852218478&w=2

来源: OSVDB
名称: 10949
链接:http://www.osvdb.org/10949

来源: SECTRACK
名称: 1011769
链接:http://securitytracker.com/id?1011769

来源: FULLDISC
名称: 20041018 Multiple vulnerabilities in Sage Saleslogix
链接:http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0661.html