CVE-2010-0620

Related Files

EMC HomeBase Server Directory Traversal Remote Code Execution

Posted Apr 28, 2011

Authored by MC | Site metasploit.com

This Metasploit module exploits a directory traversal and remote code execution flaw in EMC HomeBase Server 6.3.0. Note: This Metasploit module has only been tested against Windows XP SP3 and Windows 2003 SP2.

tags | exploit, remote, code execution

systems | windows

advisories | CVE-2010-0620

SHA-256 | e1157c518d84a4ffe3868bae4edb8772e80255a4824a34ca07799e7a7f517728

Download | Favorite | View

EMC HomeBase Server Arbitrary File Upload

Posted Feb 25, 2010

Site emc.com

EMC HomeBase Server contains a vulnerability that may allow an unauthenticated remote user to upload arbitrary files on the affected HomeBase Server. Versions 6.2.x and 6.3.x are affected.

tags | advisory, remote, arbitrary

advisories | CVE-2010-0620

SHA-256 | 1481b43fd91ee9d43c4ca39ea27c50887e8ea9279062e3564ef9f2bc7328f2f6

Download | Favorite | View

Zero Day Initiative Advisory 10-020

Posted Feb 25, 2010

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-020 - This vulnerability allows remote attackers to upload arbitrary files on vulnerable installations of EMC HomeBase Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HomeBase SSL Service due to a failure to sanitize '../' directory traversal modifiers from a parameter. This will allow a user to specify any filename to upload arbitrary contents into. Successful exploitation can result in code execution under the context of the service.

tags | advisory, remote, arbitrary, code execution

advisories | CVE-2010-0620

SHA-256 | 94b735cb9134c2f95e503f506eef61a55020e96a2a8404d05a17d6880d25f3d2

Download | Favorite | View