Jump to:

CVE-2012-1050

Jump to:

CVE-2012-1050

Package mathopd updated to version 1.6b15-alt1 for branch sisyphus_e2k.

Published: 2012-02-13
Modified: 2024-11-21

CVE-2012-1050

Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1.5p7, when configured with the * construct for mass virtual hosting, allows remote attackers to read arbitrary files via a crafted Host header.

Severity: MEDIUM (4.3)

References:

20120203 Mathopd - Directory Traversal Vulnerability
78896
47908
[mathopd] 20120202 security alert: directory traversal when using * in Location
http://www.mathopd.org/security.html
1026641
mathopd-http-directory-traversal(73049)
20120203 Mathopd - Directory Traversal Vulnerability
mathopd-http-directory-traversal(73049)
1026641
http://www.mathopd.org/security.html
[mathopd] 20120202 security alert: directory traversal when using * in Location
47908
78896

Version: 2.1.0

Package mathopd update in sisyphus_e2k on 2023-02-10

ALT-PU-2023-2503-1

Closed vulnerabilities

CVE-2012-1050