Arbitrary File Overwrite Vulnerability in Sun Cobalt RaQ XTR Administration Interface

Arbitrary File Overwrite Vulnerability in Sun Cobalt RaQ XTR Administration Interface

CVE-2002-0430 · LOW Severity

AV:L/AC:H/AU:N/C:P/I:P/A:P

MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.

Learn more about our User Device Pen Test.