2
Candidate: CVE-2008-2717
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2717
6
TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses
7
an insufficiently restrictive default fileDenyPattern for Apache, which
8
allows remote attackers to bypass security restrictions and upload
9
configuration files such as .htaccess, or conduct file upload attacks using
19
upstream_typo3-src: released (4.1.7-1)
20
dapper_typo3-src: ignored (reached end-of-life)
21
feisty_typo3-src: needs-triage (reached end-of-life)
22
gutsy_typo3-src: needs-triage (reached end-of-life)
23
hardy_typo3-src: ignored (reached end-of-life)
24
intrepid_typo3-src: not-affected (4.2.1-1)
25
jaunty_typo3-src: not-affected (4.2.1-1)
26
karmic_typo3-src: not-affected (4.2.1-1)
27
lucid_typo3-src: not-affected (4.2.1-1)
28
maverick_typo3-src: not-affected (4.2.1-1)
29
natty_typo3-src: not-affected (4.2.1-1)
30
oneiric_typo3-src: not-affected (4.2.1-1)
31
devel_typo3-src: not-affected (4.2.1-1)