Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and earlier allows remote attackers to overwrite arbitrary files and directories via a .. (dot dot) sequence in the (1) action, (2) agentid, or (3) index parameters to dagent/nwupload.asp, which are used as pathname components.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PatchLink Update Server目录遍历漏洞
Vulnerability Description
(a) PatchLink Update Server (PLUS) 6.1 P1之前版本和6.2 SR1 P1 之前的6.2.x版本和(b) Novell ZENworks 6.2 SR1之前版本存在目录遍历漏洞。远程攻击者可以借助用作文件名组成部分的,对dagent/nwupload.asp的(1) action, (2) agentid,或(3) index参数(该参数中包含..)序列,重写任意文件或目录。
CVSS Information
N/A
Vulnerability Type
N/A