CVE-2008-2717

NONECVSS 0.0

0.0

TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.

🔗 References (20)

cve@mitrehttp://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/
cve@mitrehttp://secunia.com/advisories/30619
cve@mitrehttp://secunia.com/advisories/30660
cve@mitrehttp://securityreason.com/securityalert/3945
cve@mitrehttp://typo3.org/teams/security/security-bulletins/typo3-20080611-1/
cve@mitrehttp://www.debian.org/security/2008/dsa-1596
cve@mitrehttp://www.securityfocus.com/archive/1/493270/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/29657
cve@mitrehttp://www.vupen.com/english/advisories/2008/1802
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/42988
af854a3a-2127-422b-91ae-364da2661108http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30619
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30660
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3945
af854a3a-2127-422b-91ae-364da2661108http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/

Is Your Infrastructure Affected by CVE-2008-2717?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-2717

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-2717?