CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2008-1118

HIGH
7.5
CVSS Severity Score
EPSS Score0.0450%
EPSS Percentile17.00th
Published2008年3月14日
Last Modified2026年4月23日

Vulnerability Description

Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields taken from packets from a remote peer, which allows remote attackers to generate crafted log entries, and possibly avoid detection of attacks, via modified (1) computer name, (2) user name, and (3) IP address fields.

Affected Platforms (CPE)

📦
Netopia

Timbuktu Pro

= 8.6.5

References & Advisories

🔗 http://secunia.com/advisories/29316
🔗 http://securityreason.com/securityalert/3742
🔗 http://www.coresecurity.com/?action=item&id=2166
🔗 http://www.securityfocus.com/archive/1/489414/100/0/threaded
🔗 http://www.securityfocus.com/bid/28081
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/41330
🔗 https://www.exploit-db.com/exploits/5238
🔗 http://secunia.com/advisories/29316

相關漏洞威脅

CVE-2007-422110.0

Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Windows allow remote attackers to cause a denial of service (d...

CVE-2008-111710.0

Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu Pro 8.6.5 f...

CVE-2009-13949.3

Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows allows remote attackers to execute arbitrary code by sending...

CVE-2007-42207.8

Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete ar...