Dell EqualLogic PS6110X Directory Traversal Vulnerability
BID:59066
Info
Dell EqualLogic PS6110X Directory Traversal Vulnerability
| Bugtraq ID: | 59066 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 19 2013 12:00AM |
| Updated: | Feb 19 2013 12:00AM |
| Credit: | Evan Sylvester and r () b13$ |
| Vulnerable: |
Dell EqualLogic PS6110X 6.0.3 Dell EqualLogic PS6110X 6.0 |
| Not Vulnerable: |
Dell EqualLogic PS6110X 6.0.4 |
Discussion
Dell EqualLogic PS6110X Directory Traversal Vulnerability
EqualLogic PS6110X is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue can allow an attacker to gain access to arbitrary system files. Information harvested may aid in launching further attacks.
EqualLogic PS6110X Firmware versions 6.0.0 through 6.0.3 are vulnerable.
EqualLogic PS6110X is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue can allow an attacker to gain access to arbitrary system files. Information harvested may aid in launching further attacks.
EqualLogic PS6110X Firmware versions 6.0.0 through 6.0.3 are vulnerable.
Exploit / POC
Dell EqualLogic PS6110X Directory Traversal Vulnerability
An attacker can exploit this issue with a web browser.
An attacker can exploit this issue with a web browser.
Solution / Fix
Dell EqualLogic PS6110X Directory Traversal Vulnerability
Solution:
Reportedly the issue is fixed, however Symantec has not confirmed this. Please contact the vendor for more information.
Solution:
Reportedly the issue is fixed, however Symantec has not confirmed this. Please contact the vendor for more information.
References
Dell EqualLogic PS6110X Directory Traversal Vulnerability
References:
References:
- DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal (Full Disclosure)
- Dell EqualLogic PS6110X Homepage (Dell)
- Dell Homepage (Dell)