exploitDog

CVE-2001-0308

Опубликовано: 03 мая 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-02/0314.html
Exploit
Vendor Advisory
http://www.geocities.com/gzhangx/websrv/docs/security.html
http://www.securityfocus.com/bid/2388
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-02/0314.html
Exploit
Vendor Advisory
http://www.geocities.com/gzhangx/websrv/docs/security.html
http://www.securityfocus.com/bid/2388
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bajie:java_http_server:*:*:*:*:*:*:*:*

Версия до 0.79 (включая)

EPSS

Процентиль: 92%

0.07891

Низкий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-mhx9-m787-mwx3

github

больше 3 лет назад

UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.

EPSS

Процентиль: 92%

0.07891

Низкий

7.5 High

CVSS2

Дефекты

CWE-94