Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2010-10-07T20:21:00
Updated: 2010-11-03T09:00:00
Reserved: 2010-10-01T00:00:00
Link: CVE-2010-3692
JSON object: View
NVD Information
Status : Modified
Published: 2010-10-07T21:00:02.017
Modified: 2019-12-30T12:59:17.950
Link: CVE-2010-3692
JSON object: View
Redhat Information
No data.
CWE