Summary
Cogent DataHub is prone to a directory-traversal vulnerability, an information-disclosure vulnerability and to multiple buffer-overflow and integer-overflow vulnerabilities.
Exploiting the issues may allow an attacker to obtain sensitive information that could aid in further attacks or may allow attackers to execute arbitrary code within the context of the privileged domain.
Cogent DataHub 7.1.1.63 is vulnerable
other versions may also
be affected.
References
Severity
Classification
-
CVE CVE-2011-3500, CVE-2011-3501 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Struts Cross Site Scripting Vulnerability
- Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- 12Planet Chat Server one2planet.infolet.InfoServlet XSS
- Apache Tomcat Information Disclosure Vulnerability