exploitDog

CVE-2001-0557

Опубликовано: 14 авг. 2001

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e).

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html
Exploit
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/132099
US Government Resource
http://www.securityfocus.com/bid/2703
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6513
http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html
Exploit
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/132099
US Government Resource
http://www.securityfocus.com/bid/2703
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6513

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:t._hauck:jana_web_server:*:*:*:*:*:*:*:*

Версия до 1.46 (включая)

cpe:2.3:a:t._hauck:jana_web_server:1.0j:*:*:*:*:*:*:*

cpe:2.3:a:t._hauck:jana_web_server:1.45:*:*:*:*:*:*:*

cpe:2.3:a:t._hauck:jana_web_server:2.0_beta_1:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.12651

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-982w-46v4-62v7

github

почти 4 года назад

T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e).

EPSS

Процентиль: 94%

0.12651

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other