Summary
Dell EqualLogicis prone to a directory-traversal vulnerability.
Impact
Exploiting this issue can allow an attacker to gain access to arbitrary system files. Information harvested may aid in launching further attacks.
Solution
Ask the Vendor for an update.
Insight
Dell EqualLogicis fails to sufficiently sanitize user-supplied input.
Affected
Dell EqualLogic Firmware versions 6.0 is vulnerable other versions
may also be affected.
Detection
Send a special crafted HTTP GET request and check the response.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-3304 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Rave User Information Disclosure Vulnerability
- Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
- Apache Open For Business HTML injection vulnerability
- Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
- Apache Tomcat Information Disclosure Vulnerability