Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. Introduced in the Makefile patch file debian/patches/debian-changes-2.1.0b6+dfsg-1 or debian/patches/adds-a-makefile.patch, this can lead to data leakage, information disclosure and potentially remote code execution on the web server. This issue affects all versions of eXtplorer in Ubuntu and Debian
References
Link | Resource |
---|---|
https://launchpad.net/bugs/1822013 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: canonical
Published: 2019-03-27T00:00:00
Updated: 2020-04-09T23:50:11
Reserved: 2019-02-01T00:00:00
Link: CVE-2019-7305
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-04-10T00:15:11.347
Modified: 2021-09-13T14:24:18.987
Link: CVE-2019-7305
JSON object: View
Redhat Information
No data.