Kyocera Mita Scanner File Utility File Transfer Directory Traversal Vulnerability
BID:30855
Info
Kyocera Mita Scanner File Utility File Transfer Directory Traversal Vulnerability
| Bugtraq ID: | 30855 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-7110 CVE-2008-7109 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 26 2008 12:00AM |
| Updated: | Jul 06 2016 02:18PM |
| Credit: | Seth Fogie of White Wolf Security |
| Vulnerable: |
Kyocera Mita Scanner File Utility 3.3.0.1 |
| Not Vulnerable: | |
Discussion
Kyocera Mita Scanner File Utility File Transfer Directory Traversal Vulnerability
Kyocera Mita Scanner File Utility is prone to a directory-traversal vulnerability because it fails to adequately sanitize user-supplied input.
Attackers can exploit this issue to create and overwrite arbitrary files on the affected computer.
Kyocera Mita Scanner File Utility 3.3.0.1 is vulnerable; other versions may also be affected.
Kyocera Mita Scanner File Utility is prone to a directory-traversal vulnerability because it fails to adequately sanitize user-supplied input.
Attackers can exploit this issue to create and overwrite arbitrary files on the affected computer.
Kyocera Mita Scanner File Utility 3.3.0.1 is vulnerable; other versions may also be affected.
Exploit / POC
Kyocera Mita Scanner File Utility File Transfer Directory Traversal Vulnerability
The following exploit code is available:
The following exploit code is available:
Solution / Fix
Kyocera Mita Scanner File Utility File Transfer Directory Traversal Vulnerability
Solution:
Reports indicate that the vendor released a fix to address this issue. Please see the references for more information.
Solution:
Reports indicate that the vendor released a fix to address this issue. Please see the references for more information.
References
Kyocera Mita Scanner File Utility File Transfer Directory Traversal Vulnerability
References:
References:
- Vendor Homepage (Kyocera Mita)
- White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple) (Seth Fogie