CVE-2001-0973

Опубликовано: 31 авг. 2001

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-08/0328.html
Patch
Vendor Advisory
http://bscw.gmd.de/Bulletins/BSCW-SB-2001-08.extract.txt
Patch
Vendor Advisory
http://www.iss.net/security_center/static/7029.php
http://www.kb.cert.org/vuls/id/465971
US Government Resource
http://www.securityfocus.com/bid/3227
http://archives.neohapsis.com/archives/bugtraq/2001-08/0328.html
Patch
Vendor Advisory
http://bscw.gmd.de/Bulletins/BSCW-SB-2001-08.extract.txt
Patch
Vendor Advisory
http://www.iss.net/security_center/static/7029.php
http://www.kb.cert.org/vuls/id/465971
US Government Resource
http://www.securityfocus.com/bid/3227

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:fraunhofer_fit:bscw:*:*:*:*:*:*:*:*

Версия до 4.0.2_beta (включая)

cpe:2.3:a:fraunhofer_fit:bscw:3.3:*:*:*:*:*:*:*

cpe:2.3:a:fraunhofer_fit:bscw:3.3.1:*:*:*:*:*:*:*

cpe:2.3:a:fraunhofer_fit:bscw:3.4.1:*:*:*:*:*:*:*

cpe:2.3:a:fraunhofer_fit:bscw:3.4.3:*:*:*:*:*:*:*

cpe:2.3:a:fraunhofer_fit:bscw:4.0.1_beta:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03174

Низкий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-mr5j-qcjf-p9xm

github

почти 4 года назад