Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1242

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1242
Last Modified 10 Sep 2008 03:10:01
Published 17 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1242

Summary

Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form.

Vulnerable Systems

Application

  • Steve Grimm Un-cgi 1.0

  • Steve Grimm Un-cgi 1.1

  • Steve Grimm Un-cgi 1.2

  • Steve Grimm Un-cgi 1.3

  • Steve Grimm Un-cgi 1.4

  • Steve Grimm Un-cgi 1.5

  • Steve Grimm Un-cgi 1.6

  • Steve Grimm Un-cgi 1.6.1

  • Steve Grimm Un-cgi 1.6.2

  • Steve Grimm Un-cgi 1.7

  • Steve Grimm Un-cgi 1.8

  • Steve Grimm Un-cgi 1.9


References

XF - uncgi-dot-directory-traversal(6846)

CONFIRM - http://www.midwinter.com/~koreth/uncgi-changes.html

BUGTRAQ - 20010717 multiple vulnerabilities in un-cgi

BID - 3056

BUGTRAQ - 20010718 Re: [Khamba Staring ] multiple vulnerabilities in un-cgi


Last Updated: 27 May 2016 10:36:35