Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0748

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-0748
Last Modified 05 Sep 2008 04:24:50
Published 18 Oct 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0748

Summary

Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.

Vulnerable Systems

Application

  • Acme Labs Acme%2cserver 1.7


References

BUGTRAQ - 20010531 Acme.Server v1.7 of 13nov96 Directory Browsing

BID - 2809

OSVDB - 5544

XF - acme-serve-directory-traversal(6634)

CISCO - 20020702 Cisco Secure ACS Unix Acme.server Information Disclosure Vulnerability


Last Updated: 27 May 2016 10:36:23