Lucene search

[email protected]CVE-2000-0664

HistoryJul 26, 2000 - 4:00 a.m.

CVE-2000-0664

2000-07-2604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

analogx simpleserver

remote file reading

%2e url attack

cve-2000-0664

nvd.

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.023 Low

EPSS

Percentile

89.5%

JSON

AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified … (dot dot) attack that uses the %2E URL encoding for the dots.

CPENameOperatorVersion
analogx:simpleserver_wwwanalogx simpleserver wwweq1.0.6

CPE	Name	Operator	Version
analogx:simpleserver_www	analogx simpleserver www	eq	1.0.6

References

archives.neohapsis.com/archives/bugtraq/2000-07/0374.html

www.analogx.com/contents/download/network/sswww.htm

www.osvdb.org/388

www.securityfocus.com/bid/1508

exchange.xforce.ibmcloud.com/vulnerabilities/4999

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.023 Low

EPSS

Percentile

89.5%

JSON

Related for CVE-2000-0664

nessus1 cve1