cvelistv5 - cve-2011-4722

CVE-2011-4722 (GCVE-0-2011-4722)

Vulnerability from cvelistv5 – Published: 2014-12-28 02:00 – Updated: 2024-08-07 00:16

Summary

Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

FKIE_CVE-2011-4722

Vulnerability from fkie_nvd - Published: 2014-12-28 02:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.

References

URL	Tags
cve@mitre.org	http://secpod.org/blog/?p=424	Exploit
cve@mitre.org	http://secunia.com/advisories/47025
cve@mitre.org	http://securitytracker.com/id?1026368
cve@mitre.org	http://www.exploit-db.com/exploits/18189/	Exploit
cve@mitre.org	http://www.osvdb.org/77455
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/71610
cve@mitre.org	https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05054714
af854a3a-2127-422b-91ae-364da2661108	http://secpod.org/blog/?p=424	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/47025
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1026368
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/18189/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/77455
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/71610
af854a3a-2127-422b-91ae-364da2661108	https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05054714

Impacted products

	Vendor	Product	Version
	ipswitch	tftp_server	1.0.0.24

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ipswitch:tftp_server:1.0.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "BABD8CEC-5F3A-464F-B1DC-76B323926B85",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation."
    },
    {
      "lang": "es",
      "value": "Vulnerailidad de salto en disco en TFTP Server 1.0.0.24 en Ipswitch WhatsUp Gold permite a atacantes remotos leer ficheros arbitrarios a trav\u00e9s de .. (punto punto) en el campo Filename de una operaci\u00f3n RRQ"
    }
  ],
  "id": "CVE-2011-4722",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-12-28T02:59:00.047",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://secpod.org/blog/?p=424"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/47025"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1026368"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/18189/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/77455"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71610"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05054714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://secpod.org/blog/?p=424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/47025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1026368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/18189/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/77455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71610"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05054714"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201412-0023

Vulnerability from variot - Updated: 2023-12-18 13:03

Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation. HP Device Manager is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve arbitrary files from the affected system in the context of the application.Information obtained could aid in further attacks. HP Device Manager 4.7 and prior versions are vulnerable. Ipswitch WhatsUp Gold is a set of unified infrastructure and application monitoring software from Ipswitch in the United States. The software supports the performance management of networks, servers, virtual environments and applications. ----------------------------------------------------------------------

Secunia is hiring!

Find your next job here:

http://secunia.com/company/jobs/

TITLE: Ipswitch TFTP Server Directory Traversal Vulnerability

SECUNIA ADVISORY ID: SA47025

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47025/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47025

RELEASE DATE: 2011-12-02

DISCUSS ADVISORY: http://secunia.com/advisories/47025/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/47025/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=47025

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Prabhu S Angadi has discovered a vulnerability in Ipswitch TFTP Server, which can be exploited by malicious people to disclose sensitive information.

SOLUTION: Restrict network access to the service.

PROVIDED AND/OR DISCOVERED BY: Prabhu S Angadi, SecPod Research.

ORIGINAL ADVISORY: http://secpod.org/blog/?p=424

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

Note: the current version of the following document is available here: https://h20565.www2.hp.com/hpsc/doc/public/display?docId=3Demr_na-c05054714

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05054714 Version: 1

HPSBGN3547 rev.1 - HP Device Manager, Remote Read Access to Arbitrary Files NOTICE: The information in this Security Bulletin should be acted upon as s= oon as possible.

Release Date: 2016-03-21 Last Updated: 2016-03-21

Potential Security Impact: Remote read access to arbitrary files.

References:

CVE-2011-4722
PSR-2015-0273

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

HP Device Manager 4.7 and all previous releases, including major releases, minor releases, and service packs

*ONLY impacted versions are listed.

BACKGROUND

For a PGP signed version of this security bulletin please write to: security-alert@hp.com

CVSS 2.0 Base Metrics =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D Reference Base Vector Base Scor= e CVE-2011-4722 (AV:N/AC:L/Au:N/C:C/I:N/A:N) 7.8 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D Information on CVSS is documented in HP Customer Notice: HPSN2008002. Open File Explorer and go to the directory \HP Device Manager\Gateway\PxeServer.

Right click the file PXEService.exe and select Menu Item Properties.
Select the Details tab and check if File version or Product version has= any version information.
If there is no version information, the PXEService.exe file includes th= e vulnerability CVE-2011-4722 as mentioned above.

HP has made the following product updates available for the impacted produc= ts.

To fix this vulnerability, choose ONE of the following resolution methods:

Resolution 1 - Upgrade HP Device Manager to version 4.7 Service Pack 1 = or higher. In these versions, the vulnerability has been fixed.
1. Download PXEService.zip from ftp://ftp.hp.com/pub/hpdm/Patches/ CVE-2011-4722/PXEService.zip to a temporary folder.
2. Unzip PXEService.zip to get the PXEService.exe file.
3. Go to Windows Control Panel > Administrative Tools > Services.
4. Stop the HPDM PXEService service, if this service has started.
5. Open File Explorer and go to the directory \HP Dev= ice Manager\Gateway\PxeServer.
6. Copy the decompressed PXEService.exe file to this folder to overwri= te the old PXEService.exe file.
7. Start the " HPDM PXEService" in Windows Services.

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current se= cure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determ= ine the applicability of this information to their individual situations and ta= ke appropriate action. HP does not warrant that this information is necessaril= y accurate or complete for all user situations and, consequently, HP will not= be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranti= es of merchantability and fitness for a particular purpose, title and non-infringement."

REVISION HISTORY

Version:1 (rev.1) 21 March 2016 Initial release

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues abou= t the content of this Security Bulletin, send e?mail to hp?security?alert@hp.= com

Report: To report a potential security vulnerability with any HP supported product, send email to: hp?security?alert@hp.com

Subscribe: To initiate a subscription to receive future HP Security Bulleti= n alerts via Email: http://support.hp.com/us/en/subscribe/ Security Bulletin Archive: A list of recently released Security Bulletins i= s available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ secBullArchive

Software Product Category: The Software Product Category is represented in = the title by the two characters following HPSB.

PI =3D HP Printing and Imaging HF =3D HP Hardware and Firmware ST =3D HP Storage Software GN =3D HP General Software

Support: For further information, contact normal HP Services support channe= l.

Report: To report a potential security vulnerability with any HP supported product, send Email to: hp-security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted usi= ng PGP, especially exploit information.

To get the security?alert PGP key, please send an e?mail message as follows= : To: hp?security?alert@hp.com Subject: get key

Hewlett-Packard Company shall not be liable for technical or editorial erro= rs or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or= its affiliates, subcontractors or suppliers will be liable for incidental,speci= al or consequential damages including downtime cost; lost profits;damages rela= ting to the procurement of substitute products or services; or damages for loss = of data, or software restoration. The information in this document is subject = to change without notice. Hewlett-Packard Company and the names of Hewlett-Pac= kard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentione= d herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2

iQIcBAEBCAAGBQJW/q1QAAoJEPRuzn0I+N3ZzuUP/jvrxRZ8wyGyaY62b2N6feeF b4OdDn5pkPH0qEiWtx7VePzjTH352CQmfY5RIX6mGdgjzWs53NS1yNb/zdUWoUDD zUMkQ6MyIW/6hUbBgDSXwcMtshv5TZouUrFsm5hdn1MSG9Z95CZ4Uw7dTjaRXGEC pvkqkIZT6ykKH/XCzbLnRkEIGTFZHVHflJ/5hX2Cr0UQOF1UZ+RmNZ2qjQkz5pRI hf2+kPTx1pgniT8k6PjpceYHYSpflRJeX3/JwTL8Q5Ln4du71bB1QNcsh9LudbXb 4HL4dEI7/VcInOHiCg3OYLP84vxFYx+bIBV/Z0cZJnZyzdIfoQHYBMlaMUJVwShI jt/rqwoK75rWVWWKQ09LhBUJfSu0ab3fpoeB1GOIKh49+w/MkWEAOlLvhbmH0pCy 6Ttpih9tm102/WM9FuRrTi7dXkGwwb0/mfs2NMcy8fRVO1aWB7tpGL4ckiaKwcjB HX/GJLkmVdN8nIKF3LEXD6RuPCSivVdQm+Skx7BM27gx+YMzHVgpMZ0gUE2h6tWe 3Add+KplBHFsKvBC/gC+6VIMJ2iuYfrim5/EgCA6bZiuGo8z74wJmma1uRHtdmnr vOfddkY7ERWgcDm01POhMGjZbxtPQhWJOGiegY4q0Q+2FWzppbYDMXt1UsKDcTKo JjjM2H/sAC1YCl8D4WPk =3D5cnm -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0023",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "tftp server",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "ipswitch",
        "version": "1.0.0.24"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "78379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4722"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-579"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:tftp_server:1.0.0.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4722"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Thomas Sundell, Uppsala University",
    "sources": [
      {
        "db": "BID",
        "id": "85783"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-4722",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.8,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2011-4722",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-52667",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-4722",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201412-579",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52667",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52667"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4722"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-579"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation. HP Device Manager is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. \nRemote attackers may use a specially crafted request with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files from the affected system in the context of the application.Information obtained could aid in further attacks. \nHP Device Manager 4.7 and prior versions are vulnerable. Ipswitch WhatsUp Gold is a set of unified infrastructure and application monitoring software from Ipswitch in the United States. The software supports the performance management of networks, servers, virtual environments and applications. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nIpswitch TFTP Server Directory Traversal Vulnerability\n\nSECUNIA ADVISORY ID:\nSA47025\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47025/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47025\n\nRELEASE DATE:\n2011-12-02\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47025/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47025/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47025\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nPrabhu S Angadi has discovered a vulnerability in Ipswitch TFTP\nServer, which can be exploited by malicious people to disclose\nsensitive information. \n\nSOLUTION:\nRestrict network access to the service. \n\nPROVIDED AND/OR DISCOVERED BY:\nPrabhu S Angadi, SecPod Research. \n\nORIGINAL ADVISORY:\nhttp://secpod.org/blog/?p=424\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20565.www2.hp.com/hpsc/doc/public/display?docId=3Demr_na-c05054714\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05054714\nVersion: 1\n\nHPSBGN3547 rev.1 - HP Device Manager, Remote Read Access to Arbitrary Files\nNOTICE: The information in this Security Bulletin should be acted upon as s=\noon\nas possible. \n\nRelease Date: 2016-03-21\nLast Updated: 2016-03-21\n\nPotential Security Impact: Remote read access to arbitrary files. \n\nReferences:\n\n  * CVE-2011-4722\n  * PSR-2015-0273\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP Device Manager 4.7 and all previous releases, including major releases,\nminor releases, and service packs\n\n*ONLY impacted versions are listed. \n\nBACKGROUND\n\nFor a PGP signed version of this security bulletin please write to:\nsecurity-alert@hp.com\n\nCVSS 2.0 Base Metrics\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D\n     Reference                      Base Vector                   Base Scor=\ne\nCVE-2011-4722        (AV:N/AC:L/Au:N/C:C/I:N/A:N)               7.8\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D\nInformation on CVSS is documented in HP Customer Notice: HPSN2008002. Open File Explorer and go to the directory \u003cHPDMInstallPath\u003e\\HP Device\n    Manager\\Gateway\\PxeServer. \n\n 2. Right click the file PXEService.exe and select Menu Item Properties. \n\n 3. Select the Details tab and check if File version or Product version has=\n any\n    version information. \n\n 4. If there is no version information, the PXEService.exe file includes th=\ne\n    vulnerability CVE-2011-4722 as mentioned above. \n\nHP has made the following product updates available for the impacted produc=\nts. \n\nTo fix this vulnerability, choose ONE of the following resolution methods:\n\n  * Resolution 1 - Upgrade HP Device Manager to version 4.7 Service Pack 1 =\nor\n    higher. In these versions, the vulnerability has been fixed. \n\n     1. Download PXEService.zip from ftp://ftp.hp.com/pub/hpdm/Patches/\n        CVE-2011-4722/PXEService.zip to a temporary folder. \n\n     2. Unzip PXEService.zip to get the PXEService.exe file. \n\n     3. Go to Windows Control Panel \u003e Administrative Tools \u003e Services. \n\n     4. Stop the HPDM PXEService service, if this service has started. \n\n     5. Open File Explorer and go to the directory \u003cHPDMInstallPath\u003e\\HP Dev=\nice\n        Manager\\Gateway\\PxeServer. \n\n     6. Copy the decompressed PXEService.exe file to this folder to overwri=\nte\n        the old PXEService.exe file. \n\n     7. Start the \" HPDM PXEService\" in Windows Services. \n\nSystem management and security procedures must be reviewed frequently to\nmaintain system integrity. HP is continually reviewing and enhancing the\nsecurity features of software products to provide customers with current se=\ncure\nsolutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the\nattention of users of the affected HP products the important security\ninformation contained in this Bulletin. HP recommends that all users determ=\nine\nthe applicability of this information to their individual situations and ta=\nke\nappropriate action. HP does not warrant that this information is necessaril=\ny\naccurate or complete for all user situations and, consequently, HP will not=\n be\nresponsible for any damages resulting from user\u0027s use or disregard of the\ninformation provided in this Bulletin. To the extent permitted by law, HP\ndisclaims all warranties, either express or implied, including the warranti=\nes\nof merchantability and fitness for a particular purpose, title and\nnon-infringement.\"\n\nREVISION HISTORY\n\nVersion:1 (rev.1) 21 March 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues abou=\nt\nthe content of this Security Bulletin, send e?mail to hp?security?alert@hp.=\ncom\n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send email to: hp?security?alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulleti=\nn\nalerts via Email: http://support.hp.com/us/en/subscribe/\nSecurity Bulletin Archive: A list of recently released Security Bulletins i=\ns\navailable here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/\nsecBullArchive\n\nSoftware Product Category: The Software Product Category is represented in =\nthe\ntitle by the two characters following HPSB. \n\nPI =3D HP Printing and Imaging\nHF =3D HP Hardware and Firmware\nST =3D HP Storage Software\nGN =3D HP General Software\n\nSupport: For further information, contact normal HP Services support channe=\nl. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: hp-security-alert@hp.com It is strongly recommended\nthat security related information being communicated to HP be encrypted usi=\nng\nPGP, especially exploit information. \n\nTo get the security?alert PGP key, please send an e?mail message as follows=\n:\nTo: hp?security?alert@hp.com\nSubject: get key\n\nCopyright 2016 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial erro=\nrs\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or=\n its\naffiliates, subcontractors or suppliers will be liable for incidental,speci=\nal\nor consequential damages including downtime cost; lost profits;damages rela=\nting\nto the procurement of substitute products or services; or damages for loss =\nof\ndata, or software restoration. The information in this document is subject =\nto\nchange without notice. Hewlett-Packard Company and the names of Hewlett-Pac=\nkard\nproducts referenced herein are trademarks of Hewlett-Packard Company in the\nUnited States and other countries. Other product and company names mentione=\nd\nherein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2\n\niQIcBAEBCAAGBQJW/q1QAAoJEPRuzn0I+N3ZzuUP/jvrxRZ8wyGyaY62b2N6feeF\nb4OdDn5pkPH0qEiWtx7VePzjTH352CQmfY5RIX6mGdgjzWs53NS1yNb/zdUWoUDD\nzUMkQ6MyIW/6hUbBgDSXwcMtshv5TZouUrFsm5hdn1MSG9Z95CZ4Uw7dTjaRXGEC\npvkqkIZT6ykKH/XCzbLnRkEIGTFZHVHflJ/5hX2Cr0UQOF1UZ+RmNZ2qjQkz5pRI\nhf2+kPTx1pgniT8k6PjpceYHYSpflRJeX3/JwTL8Q5Ln4du71bB1QNcsh9LudbXb\n4HL4dEI7/VcInOHiCg3OYLP84vxFYx+bIBV/Z0cZJnZyzdIfoQHYBMlaMUJVwShI\njt/rqwoK75rWVWWKQ09LhBUJfSu0ab3fpoeB1GOIKh49+w/MkWEAOlLvhbmH0pCy\n6Ttpih9tm102/WM9FuRrTi7dXkGwwb0/mfs2NMcy8fRVO1aWB7tpGL4ckiaKwcjB\nHX/GJLkmVdN8nIKF3LEXD6RuPCSivVdQm+Skx7BM27gx+YMzHVgpMZ0gUE2h6tWe\n3Add+KplBHFsKvBC/gC+6VIMJ2iuYfrim5/EgCA6bZiuGo8z74wJmma1uRHtdmnr\nvOfddkY7ERWgcDm01POhMGjZbxtPQhWJOGiegY4q0Q+2FWzppbYDMXt1UsKDcTKo\nJjjM2H/sAC1YCl8D4WPk\n=3D5cnm\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4722"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      },
      {
        "db": "BID",
        "id": "85783"
      },
      {
        "db": "BID",
        "id": "78379"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52667"
      },
      {
        "db": "PACKETSTORM",
        "id": "107476"
      },
      {
        "db": "PACKETSTORM",
        "id": "136522"
      }
    ],
    "trust": 2.43
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-52667",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52667"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4722",
        "trust": 3.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "18189",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1026368",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "47025",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "77455",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "71610",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-579",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "85783",
        "trust": 0.4
      },
      {
        "db": "BID",
        "id": "78379",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "136522",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-72382",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-52667",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "107476",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52667"
      },
      {
        "db": "BID",
        "id": "85783"
      },
      {
        "db": "BID",
        "id": "78379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      },
      {
        "db": "PACKETSTORM",
        "id": "107476"
      },
      {
        "db": "PACKETSTORM",
        "id": "136522"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4722"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-579"
      }
    ]
  },
  "id": "VAR-201412-0023",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52667"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:03:29.808000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Managing the TFTP server",
        "trust": 0.8,
        "url": "http://docs.ipswitch.com/nm/85_whatsup%20gold%20v14.2/03_help/index.htm?26957.htm?toc.htm"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52667"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4722"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://secpod.org/blog/?p=424"
      },
      {
        "trust": 2.0,
        "url": "http://www.exploit-db.com/exploits/18189/"
      },
      {
        "trust": 2.0,
        "url": "http://securitytracker.com/id?1026368"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/77455"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/47025"
      },
      {
        "trust": 1.4,
        "url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c05054714"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71610"
      },
      {
        "trust": 0.9,
        "url": "http://xforce.iss.net/xforce/xfdb/71610"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4722"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4722"
      },
      {
        "trust": 0.3,
        "url": "http://www.hp.com"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/47025/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/47025/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/company/jobs/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47025"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4722"
      },
      {
        "trust": 0.1,
        "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
      },
      {
        "trust": 0.1,
        "url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docid=3demr_na-c05054714"
      },
      {
        "trust": 0.1,
        "url": "http://support.hp.com/us/en/subscribe/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52667"
      },
      {
        "db": "BID",
        "id": "85783"
      },
      {
        "db": "BID",
        "id": "78379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      },
      {
        "db": "PACKETSTORM",
        "id": "107476"
      },
      {
        "db": "PACKETSTORM",
        "id": "136522"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4722"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-579"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-52667"
      },
      {
        "db": "BID",
        "id": "85783"
      },
      {
        "db": "BID",
        "id": "78379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      },
      {
        "db": "PACKETSTORM",
        "id": "107476"
      },
      {
        "db": "PACKETSTORM",
        "id": "136522"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4722"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-579"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-12-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52667"
      },
      {
        "date": "2016-03-21T00:00:00",
        "db": "BID",
        "id": "85783"
      },
      {
        "date": "2014-12-27T00:00:00",
        "db": "BID",
        "id": "78379"
      },
      {
        "date": "2015-01-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      },
      {
        "date": "2011-12-02T04:32:11",
        "db": "PACKETSTORM",
        "id": "107476"
      },
      {
        "date": "2016-04-04T16:44:49",
        "db": "PACKETSTORM",
        "id": "136522"
      },
      {
        "date": "2014-12-28T02:59:00.047000",
        "db": "NVD",
        "id": "CVE-2011-4722"
      },
      {
        "date": "2014-12-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201412-579"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52667"
      },
      {
        "date": "2016-03-21T00:00:00",
        "db": "BID",
        "id": "85783"
      },
      {
        "date": "2014-12-27T00:00:00",
        "db": "BID",
        "id": "78379"
      },
      {
        "date": "2015-01-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      },
      {
        "date": "2017-08-29T01:30:32.880000",
        "db": "NVD",
        "id": "CVE-2011-4722"
      },
      {
        "date": "2015-01-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201412-579"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "136522"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-579"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ipswitch WhatsUp Gold of  TFTP Server traversal vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005355"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input Validation Error",
    "sources": [
      {
        "db": "BID",
        "id": "85783"
      },
      {
        "db": "BID",
        "id": "78379"
      }
    ],
    "trust": 0.6
  }
}

GHSA-VWVC-6CMX-P29R

Vulnerability from github – Published: 2022-05-17 01:51 – Updated: 2025-04-12 12:43

Details

Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-4722"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-12-28T02:59:00Z",
    "severity": "HIGH"
  },
  "details": "Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.",
  "id": "GHSA-vwvc-6cmx-p29r",
  "modified": "2025-04-12T12:43:29Z",
  "published": "2022-05-17T01:51:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4722"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71610"
    },
    {
      "type": "WEB",
      "url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05054714"
    },
    {
      "type": "WEB",
      "url": "http://secpod.org/blog/?p=424"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/47025"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1026368"
    },
    {
      "type": "WEB",
      "url": "http://www.exploit-db.com/exploits/18189"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/77455"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2011-4722

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.

Aliases

CVE-2011-4722

Aliases

CVE-2011-4722

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-4722",
    "description": "Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.",
    "id": "GSD-2011-4722"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-4722"
      ],
      "details": "Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.",
      "id": "GSD-2011-4722",
      "modified": "2023-12-13T01:19:05.499368Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-4722",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "77455",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/77455"
          },
          {
            "name": "http://secpod.org/blog/?p=424",
            "refsource": "MISC",
            "url": "http://secpod.org/blog/?p=424"
          },
          {
            "name": "47025",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/47025"
          },
          {
            "name": "HPSBGN3547",
            "refsource": "HP",
            "url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05054714"
          },
          {
            "name": "1026368",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1026368"
          },
          {
            "name": "ipswitch-tftp-directory-traversal(71610)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71610"
          },
          {
            "name": "18189",
            "refsource": "EXPLOIT-DB",
            "url": "http://www.exploit-db.com/exploits/18189/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:tftp_server:1.0.0.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-4722"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://secpod.org/blog/?p=424",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://secpod.org/blog/?p=424"
            },
            {
              "name": "18189",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.exploit-db.com/exploits/18189/"
            },
            {
              "name": "77455",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/77455"
            },
            {
              "name": "1026368",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1026368"
            },
            {
              "name": "47025",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/47025"
            },
            {
              "name": "HPSBGN3547",
              "refsource": "HP",
              "tags": [],
              "url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05054714"
            },
            {
              "name": "ipswitch-tftp-directory-traversal(71610)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71610"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-29T01:30Z",
      "publishedDate": "2014-12-28T02:59Z"
    }
  }
}

CNVD-2015-00057

Vulnerability from cnvd - Published: 2015-01-06

Title

Ipswitch WhatsUp Gold目录遍历漏洞

Description

Ipswitch WhatsUp Gold是一款基于Windows的网络监视应用程序。 Ipswitch WhatsUp Gold存在目录遍历漏洞，允许远程攻击者通过在文件名字段的RRQ操作读取任意文件。

Severity

高

Patch Name

Ipswitch WhatsUp Gold目录遍历漏洞的补丁

Patch Description

Ipswitch WhatsUp Gold是一款基于Windows的网络监视应用程序。Ipswitch WhatsUp Gold存在目录遍历漏洞，允许远程攻击者通过在文件名字段的RRQ操作读取任意文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞: http://www.whatsupgold.com/index.aspx

Reference

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4722

Impacted products

Name
Ipswitch, Inc TFTP Server 1.0.0.24

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2011-4722"
    }
  },
  "description": "Ipswitch WhatsUp Gold\u662f\u4e00\u6b3e\u57fa\u4e8eWindows\u7684\u7f51\u7edc\u76d1\u89c6\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nIpswitch WhatsUp Gold\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u5728\u6587\u4ef6\u540d\u5b57\u6bb5\u7684RRQ\u64cd\u4f5c\u8bfb\u53d6\u4efb\u610f\u6587\u4ef6\u3002",
  "discovererName": "Prabhu S Angadi from SecPod Technologies",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e:\r\nhttp://www.whatsupgold.com/index.aspx",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-00057",
  "openTime": "2015-01-06",
  "patchDescription": "Ipswitch WhatsUp Gold\u662f\u4e00\u6b3e\u57fa\u4e8eWindows\u7684\u7f51\u7edc\u76d1\u89c6\u5e94\u7528\u7a0b\u5e8f\u3002Ipswitch WhatsUp Gold\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u5728\u6587\u4ef6\u540d\u5b57\u6bb5\u7684RRQ\u64cd\u4f5c\u8bfb\u53d6\u4efb\u610f\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Ipswitch WhatsUp Gold\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Ipswitch, Inc TFTP Server  1.0.0.24"
  },
  "referenceLink": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4722",
  "serverity": "\u9ad8",
  "submitTime": "2015-01-04",
  "title": "Ipswitch WhatsUp Gold\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-4722 (GCVE-0-2011-4722)

FKIE_CVE-2011-4722

VAR-201412-0023

GHSA-VWVC-6CMX-P29R

GSD-2011-4722

CNVD-2015-00057

Tags

Sightings

Nomenclature