Lucene search

[email protected]CVE-2000-0664

HistoryOct 13, 2000 - 4:00 a.m.

CVE-2000-0664

2000-10-1304:00:00

[email protected]

web.nvd.nist.gov

analogx simpleserver

remote file reading

%2e url attack

cve-2000-0664

nvd.

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.6%

JSON

AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified … (dot dot) attack that uses the %2E URL encoding for the dots.

Affected configurations

NVD

Node

analogxsimpleserver_wwwMatch1.0.6

CPENameOperatorVersion
analogx:simpleserver_wwwanalogx simpleserver wwweq1.0.6

CPE	Name	Operator	Version
analogx:simpleserver_www	analogx simpleserver www	eq	1.0.6

References

archives.neohapsis.com/archives/bugtraq/2000-07/0374.html

www.analogx.com/contents/download/network/sswww.htm

www.osvdb.org/388

www.securityfocus.com/bid/1508

exchange.xforce.ibmcloud.com/vulnerabilities/4999

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.6%

JSON

Related for CVE-2000-0664

nessus1 cvelist2 nvd2 cve1