CVE-2016-0784
Vulnerability Description
Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1 allows remote authenticated administrators to write to arbitrary files via a .. (dot dot) in a ZIP archive entry.
Known Affected Software
14 configuration(s) from 1 vendor(s)
- openmeetings 1.0.0 (CPE: cpe:2.3:a:apache:openmeetings:1.0.0:*:*:*:*:*:*:*)
- openmeetings 2.0 (CPE: cpe:2.3:a:apache:openmeetings:2.0:*:*:*:*:*:*:*)
- openmeetings 2.1 (CPE: cpe:2.3:a:apache:openmeetings:2.1:*:*:*:*:*:*:*)
- openmeetings 2.1.1 (CPE: cpe:2.3:a:apache:openmeetings:2.1.1:*:*:*:*:*:*:*)
- openmeetings 2.2.0 (CPE: cpe:2.3:a:apache:openmeetings:2.2.0:*:*:*:*:*:*:*)
- openmeetings 3.0.0 (CPE: cpe:2.3:a:apache:openmeetings:3.0.0:*:*:*:*:*:*:*)
- openmeetings 3.0.1 (CPE: cpe:2.3:a:apache:openmeetings:3.0.1:*:*:*:*:*:*:*)
- openmeetings 3.0.2 (CPE: cpe:2.3:a:apache:openmeetings:3.0.2:*:*:*:*:*:*:*)
- openmeetings 3.0.3 (CPE: cpe:2.3:a:apache:openmeetings:3.0.3:*:*:*:*:*:*:*)
- openmeetings 3.0.4 (CPE: cpe:2.3:a:apache:openmeetings:3.0.4:*:*:*:*:*:*:*)
- openmeetings 3.0.5 (CPE: cpe:2.3:a:apache:openmeetings:3.0.5:*:*:*:*:*:*:*)
- openmeetings 3.0.6 (CPE: cpe:2.3:a:apache:openmeetings:3.0.6:*:*:*:*:*:*:*)
- openmeetings 3.0.7 (CPE: cpe:2.3:a:apache:openmeetings:3.0.7:*:*:*:*:*:*:*)
- openmeetings 3.1.0 (CPE: cpe:2.3:a:apache:openmeetings:3.1.0:*:*:*:*:*:*:*)
This vulnerability affects 14 software configuration(s). Ensure you patch all affected systems.
References & Resources
- http://haxx.ml/post/141655340521/all-your-meetings-are-belong-to-us-remote-code (source: secalert@redhat.com)
- http://openmeetings.apache.org/security.html (source: secalert@redhat.com; Patch, Vendor Advisory)
- http://packetstormsecurity.com/files/136484/Apache-OpenMeetings-3.1.0-Path-Traversal.html (source: secalert@redhat.com)
- http://www.openwall.com/lists/oss-security/2016/03/25/2 (source: secalert@redhat.com)
- http://www.securityfocus.com/archive/1/537929/100/0/threaded (source: secalert@redhat.com)
- https://www.apache.org/dist/openmeetings/3.1.1/CHANGELOG (source: secalert@redhat.com; Vendor Advisory)
- https://www.exploit-db.com/exploits/39642/ (source: secalert@redhat.com)
Severity Details
- Severity: Low
Weakness Type (CWE)
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE Top 25 #6)
- Description: The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can…
- Exploit Likelihood: High
- Typical Severity: High
- OWASP Top 10: A01:2021-Broken Access Control
- Abstraction Level: Base
Key Information
- Published Date: April 11, 2016
