Summary
The host is running TVersity and is prone to directory traversal vulnerability.
Impact
Successful exploitation may allow an attacker to obtain sensitive information, which can lead to launching further attacks.
Impact Level: Application
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
The flaw is due to an input validation error in the TVersity media server when processing web requests can be exploited to disclose arbitrary files via directory traversal attacks.
Affected
TVersity version 1.9.7 and prior
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Ecava IntegraXor Directory Traversal Vulnerability
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 01 - March 2011
- GoAhead Webserver Multiple Stored Cross Site Scripting Vulnerabilities
- jHTTPd Directory Traversal Vulnerability
- Apache Tomcat HTTP NIO Denial Of Service Vulnerability (Windows)