Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5100

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-5100
Last Modified 24 Sep 2012 12:00:00
Published 23 Sep 2012 01:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5100

Summary

Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO.

Vulnerable Systems

Application

  • Luizpicanco Hserver 0.1.1


References

XF - hserver-webserver-directory-traversal(72138)

BID - 51286

BUGTRAQ - 20120105 HServer webserver - Directory Traversal Vulnerability


Last Updated: 27 May 2016 11:00:48