BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fraunhofer_fit | bscw | * |
| fraunhofer_fit | bscw | 3.4.1 |
| fraunhofer_fit | bscw | 3.3.1 |
| fraunhofer_fit | bscw | 3.3 |
| fraunhofer_fit | bscw | 4.0.1_beta |
| fraunhofer_fit | bscw | 3.4.3 |
config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fraunhofer_fit | bscw | 4.0 |
| fraunhofer_fit | bscw | 3.4 |
The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fraunhofer_fit | bscw | 4.0.6 |
| fraunhofer_fit | bscw | 4.0 |
| fraunhofer_fit | bscw | 3.4 |