CVE-2006-6604 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-6604

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the alias parameter, a different vector than CVE-2006-6328.

Affected Software

Name	Vendor	Start Version	End Version
Torrentflux	Torrentflux	2.2 (including)	2.2 (including)
Torrentflux	Ubuntu	devel	*
Torrentflux	Ubuntu	edgy	*
Torrentflux	Ubuntu	feisty	*
Torrentflux	Ubuntu	gutsy	*

References

http://secunia.com/advisories/23270
http://www.securityfocus.com/bid/21525
https://exchange.xforce.ibmcloud.com/vulnerabilities/30831
https://www.exploit-db.com/exploits/2902
http://secunia.com/advisories/23270
http://www.securityfocus.com/bid/21525
https://exchange.xforce.ibmcloud.com/vulnerabilities/30831
https://www.exploit-db.com/exploits/2902