Software602 602Pro LAN SUITE < 2004.0.05.0509 Directory Traversal Arbitrary File Access

Medium Nessus Network Monitor Plugin ID 2883


The remote host is vulnerable to a directory traversal flaw.


The remote host is running the 602Pro LAN SUITE, an application that provides web, FTP, telnet, DNS, RealAudio, SSL services and proxying. This version of 602Pro LAN SUITE is vulnerable to a remote directory traversal attack within the 'mail' scripts 'A' parameter. An attacker exploiting this flaw would simply supply a typical '../../' directory traversal query to the 'A' parameter. Successful exploitation would give the attacker access to any files on the remote system. This introduces a loss of confidentiality.


Upgrade to version 2004.0.05.0509 or higher.

Plugin Details

Severity: Medium

ID: 2883

File Name: 2883.prm

Family: Web Servers

Published: 2005/05/06

Modified: 2016/01/21

Dependencies: 1442

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 5.1


Temporal Vector: CVSS3#E:H/RL:O/RC:C

Reference Information

CVE: CVE-2005-1423

BID: 13519

OSVDB: 16069