CVE-2006-3070

NONECVSS 0.0

0.0

write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file that with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php.

🔗 References (14)

cve@mitrehttp://marc.info/?l=full-disclosure&m=115044567831726&w=2
cve@mitrehttp://secunia.com/advisories/20592
cve@mitrehttp://securecast.wins21.com/zerovul.html
cve@mitrehttp://www.securityfocus.com/archive/1/437442/30/4320/threaded
cve@mitrehttp://www.securityfocus.com/bid/18465
cve@mitrehttp://www.vupen.com/english/advisories/2006/2318
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/27038
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=full-disclosure&m=115044567831726&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20592
af854a3a-2127-422b-91ae-364da2661108http://securecast.wins21.com/zerovul.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/437442/30/4320/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18465
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2318
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27038

Is Your Infrastructure Affected by CVE-2006-3070?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-3070

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-3070?