Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1299

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1299
Last Modified 05 Sep 2008 04:26:11
Published 02 Oct 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1299

Summary

Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Vulnerable Systems

Application

  • Zorbat Zorbstats 0.8


References

CONFIRM - http://www.kb.cert.org/vuls/id/JARL-53RJKV

CERT-VN - VU#847803

XF - php-includedir-code-execution(7215)

BID - 3386

CONFIRM - http://www.come.to/zorbat/

BUGTRAQ - 20011002 results of semi-automatic source code audit


Last Updated: 27 May 2016 10:36:36