CVE-2011-1409

EUVD-2011-1416
Frams's Fast File EXchange (F*EX, aka fex) 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Debian logo
Debian Releases
Debian Product
Codename
fex
bookworm/non-free
20160919-2
fixed
bullseye/non-free
20160919-2
fixed
sid/non-free
20160919-2
fixed
trixie/non-free
20160919-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
fex
hardy
dne
lucid
Fixed 20091210+debian0-2ubuntu0.1
released
maverick
Fixed 20100208+debian1-1+squeeze1build0.10.10.1
released
natty
Fixed 20100208+debian1-1+squeeze1build0.11.04.1
released
oneiric
not-affected
Common Weakness Enumeration
References
http://fex.rus.uni-stuttgart.de/fex.html
http://secunia.com/advisories/44940
http://www.debian.org/security/2011/dsa-2259
http://www.securityfocus.com/bid/48239
https://exchange.xforce.ibmcloud.com/vulnerabilities/68005
http://fex.rus.uni-stuttgart.de/fex.html
http://secunia.com/advisories/44940
http://www.debian.org/security/2011/dsa-2259
http://www.securityfocus.com/bid/48239
https://exchange.xforce.ibmcloud.com/vulnerabilities/68005