CWE
22
Advisory Published
Updated

CVE-2011-4711: Path Traversal

First published: Thu Dec 08 2011(Updated: )

Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Namazu Namazu=1.3.0.0-beta13
Namazu Namazu=2.0.6-rc2
Namazu Namazu=0.1.4
Namazu Namazu=1.1.0a
Namazu Namazu=1.0.1
Namazu Namazu=0.3.2
Namazu Namazu=1.3.0.1
Namazu Namazu=1.3.0.0-beta1
Namazu Namazu=1.2.1.0-beta10
Namazu Namazu=2.0.2
Namazu Namazu=1.2.1.0-beta9
Namazu Namazu=2.0.15-pre4
Namazu Namazu=1.2.1.0-beta12
Namazu Namazu=0.2.0
Namazu Namazu=2.0.8-pre1
Namazu Namazu=2.0.11-pre3
Namazu Namazu=1.1.2.3
Namazu Namazu=1.1.1.2
Namazu Namazu=1.3.0.0-beta2
Namazu Namazu=2.0.6-pre3
Namazu Namazu=2.0.6-rc1
Namazu Namazu=1.0.0
Namazu Namazu=1.1.2
Namazu Namazu=1.4.0.0-beta4
Namazu Namazu=2.0.15-rc5
Namazu Namazu=1.4.0.0-alpha6
Namazu Namazu=2.0.11-pre1
Namazu Namazu=1.3.0.0-beta6
Namazu Namazu=1.1.1.1
Namazu Namazu=1.3.1.0-alpha5
Namazu Namazu=2.0.7
Namazu Namazu=1.0.4
Namazu Namazu=2.0.11
Namazu Namazu=2.0.15-pre3
Namazu Namazu=2.0.13-rc2
Namazu Namazu=1.2.0.4
Namazu Namazu=2.0.13
Namazu Namazu=2.0.4
Namazu Namazu=0.3.3
Namazu Namazu=1.1.2.2
Namazu Namazu=1.3.1.0-alpha3
Namazu Namazu=1.4.0.0-beta1
Namazu Namazu=1.2.1.0-beta8
Namazu Namazu=1.1.1.4
Namazu Namazu=1.2.0.3
Namazu Namazu=0.3.0
Namazu Namazu=2.0.1
Namazu Namazu=0.2.1
Namazu Namazu=1.3.1.0-alpha10
Namazu Namazu=2.0.6
Namazu Namazu=2.0.13-rc3
Namazu Namazu=2.0.7-pre3
Namazu Namazu=1.3.0.0-beta3
Namazu Namazu=0.2.2
Namazu Namazu=1.1.0
Namazu Namazu=2.0.7-pre1
Namazu Namazu=2.0.11-pre2
Namazu Namazu=2.0.9-rc1
Namazu Namazu=1.3.1.0-alpha6
Namazu Namazu=1.3.0.1-beta1
Namazu Namazu=2.0.8
Namazu Namazu=2.0.15-rc1
Namazu Namazu=2.0.13-pre8
Namazu Namazu=1.1.1.5
Namazu Namazu=1.0.4b
Namazu Namazu=1.0.4a
Namazu Namazu=1.4.0.0-beta7
Namazu Namazu=1.3.0.0-beta10
Namazu Namazu=2.0
Namazu Namazu=1.3.0.0-beta8
Namazu Namazu=2.0.6-rc5
Namazu Namazu=1.2.1.0-beta13
Namazu Namazu<=2.0.16
Namazu Namazu=2.0.6-rc3
Namazu Namazu=2.0.13-rc1
Namazu Namazu=1.2.1.0-beta6
Namazu Namazu=2.0.15-rc4
Namazu Namazu=2.0.7-pre2
Namazu Namazu=2.0.13-pre3
Namazu Namazu=1.3.0.0
Namazu Namazu=1.4.0.0-alpha1
Namazu Namazu=1.2.0
Namazu Namazu=1.3.0.2
Namazu Namazu=0.1.0
Namazu Namazu=1.4.0.0-alpha5
Namazu Namazu=1.4.0.0-alpha2
Namazu Namazu=1.1.1.3
Namazu Namazu=1.0.2
Namazu Namazu=2.0.11-pre4
Namazu Namazu=1.4.0.0-alpha4
Namazu Namazu=2.0.6-rc7
Namazu Namazu=1.3.1.0-alpha2
Namazu Namazu=1.3.1.0-alpha8
Namazu Namazu=2.0.15
Namazu Namazu=2.0.16-rc2
Namazu Namazu=2.0.13-pre4
Namazu Namazu=0.1.1
Namazu Namazu=1.4.0.0-alpha3
Namazu Namazu=1.3.1.0-alpha11
Namazu Namazu=1.4.0.0-beta2
Namazu Namazu=1.3.0.0-beta4
Namazu Namazu=2.0.9
Namazu Namazu=2.0.6-rc6
Namazu Namazu=2.0.13-pre7
Namazu Namazu=2.0.10-rc2
Namazu Namazu=1.3.1.0-alpha9
Namazu Namazu=1.2.1.0-beta7
Namazu Namazu=1.4.0.0-beta5
Namazu Namazu=1.3.0.0-beta9
Namazu Namazu=1.1.2.5
Namazu Namazu=2.0.5
Namazu Namazu=2.0.15-rc3
Namazu Namazu=1.1.2.4
Namazu Namazu=1.3.1.0-alpha7
Namazu Namazu=1.4.0.0-beta6
Namazu Namazu=1.3.1.0-alpha1
Namazu Namazu=1.3.0.0-beta11
Namazu Namazu=2.0.13-pre6
Namazu Namazu=1.2.1.0-beta11
Namazu Namazu=1.4.0.0-beta3
Namazu Namazu=1.1.1
Namazu Namazu=0.1.2
Namazu Namazu=1.4.0.0-beta8
Namazu Namazu=2.0.6-pre2
Namazu Namazu=2.0.15-rc2
Namazu Namazu=0.3.1
Namazu Namazu=1.2.0.2
Namazu Namazu=1.2.0.1
Namazu Namazu=2.0.15-pre1
Namazu Namazu=1.3.1.0-alpha4
Namazu Namazu=2.0.10
Namazu Namazu=2.0.15-pre2
Namazu Namazu=1.2.0.5-beta2
Namazu Namazu=0.1.3
Namazu Namazu=2.0.13-pre5
Namazu Namazu=2.0.6-rc4
Namazu Namazu=1.1.2.1
Namazu Namazu=1.2.1.0-beta5
Namazu Namazu=1.4.0.0-alpha7
Namazu Namazu=1.3.0.0-beta12
Namazu Namazu=1.0.3
Namazu Namazu=1.3.0.0-beta5
Namazu Namazu=2.0.6-pre1
Namazu Namazu=2.0.3
Namazu Namazu=2.0.12
Namazu Namazu=2.0.13-rc4
Namazu Namazu=1.3.0.0-beta7
Namazu Namazu=2.0.10-rc1

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203