CVE-2005-4033

Description

Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data directory, which could allow them to be shared when they are not protected by PRIVATEDATADIR in nodezilla.ini, which allows remote attackers to obtain sensitive information.

Affected products

• ali_bousahid / nodezilla0.4.0_corno_fulgure – 0.4.0_corno_fulgure
• ali_bousahid / nodezilla0.4.1_corno_fulgure – 0.4.1_corno_fulgure
• ali_bousahid / nodezilla0.4.2_corno_fulgure – 0.4.2_corno_fulgure
• ali_bousahid / nodezilla0.4.3_corno_fulgure – 0.4.3_corno_fulgure
• ali_bousahid / nodezilla0.4.4_corno_fulgure – 0.4.4_corno_fulgure
• ali_bousahid / nodezilla0.4.5_corno_fulgure – 0.4.5_corno_fulgure
• ali_bousahid / nodezilla0.4.6_corno_fulgure – 0.4.6_corno_fulgure
• ali_bousahid / nodezilla0.4.7_corno_fulgure – 0.4.7_corno_fulgure
• ali_bousahid / nodezilla0.4.8_corno_fulgure – 0.4.8_corno_fulgure
• ali_bousahid / nodezilla0.4.9_corno_fulgure – 0.4.9_corno_fulgure
• ali_bousahid / nodezilla0.4.10_corno_fulgure – 0.4.10_corno_fulgure
• ali_bousahid / nodezilla0.4.11_corno_fulgure – 0.4.11_corno_fulgure
• ali_bousahid / nodezilla0.4.12_corno_fulgure – 0.4.12_corno_fulgure
• ali_bousahid / nodezilla0.4.13_corno_fulgure – 0.4.13_corno_fulgure

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/17867
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2005/2731
• MISChttp://www.nodezilla.net/history.txt
• MISChttp://www.securityfocus.com/bid/15704