Security Vulnerabilities, CVEs, Published In November 2011 (Directory traversal)
Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authenticated users to execute arbitrary commands via a .. (dot dot) in the command_name parameter.
Max CVSS
6.5
EPSS Score
0.26%
Published
2011-11-10
Updated
2012-02-14
CVE-2011-4404
Public exploit
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523.
Max CVSS
5.0
EPSS Score
96.63%
Published
2011-11-19
Updated
2011-12-13
Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name argument to the pam_start function, as demonstrated by a .. in the -c option to kcheckpass.
Max CVSS
6.9
EPSS Score
0.06%
Published
2011-11-17
Updated
2017-08-29
Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors.
Max CVSS
3.6
EPSS Score
0.04%
Published
2011-11-04
Updated
2017-08-29
4 vulnerabilities found