Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1586

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-1586
Last Modified 28 Apr 2010 12:10:42
Published 12 Feb 2010 04:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1586

Summary

Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier allows remote attackers to execute arbitrary programs via encoded ../ ("%2E%2E%2F%") sequences in a request to the cgi-bin/ directory, a different vulnerability than CVE-2000-0664.

Vulnerable Systems

Application

  • Analogx Simpleserver Www 1.0.8

  • Analogx Simpleserver Www 1.01

  • Analogx Simpleserver Www 1.03

  • Analogx Simpleserver Www 1.04

  • Analogx Simpleserver Www 1.05

  • Analogx Simpleserver Www 1.06

  • Analogx Simpleserver Www 1.13


References

XF - simpleserverwww-cgibin-directory-traversal(56631)

BID - 3112

MISC - http://www.securiteam.com/windowsntfocus/5TP0B1P4UK.html

CONFIRM - http://www.analogx.com/contents/download/network/sswww.htm

BUGTRAQ - 20010727 SimpleServer:WWW Command Execution Vulnerability Exploit Code Released


Last Updated: 27 May 2016 10:36:44