Lucene search

[email protected]CVE-2000-0671

HistoryJul 21, 2000 - 4:00 a.m.

CVE-2000-0671

2000-07-2104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0671

roxen

web server

null character

source code

remote attackers

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.011 Low

EPSS

Percentile

84.2%

JSON

Roxen web server earlier than 2.0.69 allows allows remote attackers to bypass access restrictions, list directory contents, and read source code by inserting a null character (%00) to the URL.

CPENameOperatorVersion
roxen:webserverroxen webservereq2.0.x

CPE	Name	Operator	Version
roxen:webserver	roxen webserver	eq	2.0.x

References

archives.neohapsis.com/archives/bugtraq/2000-07/0307.html

archives.neohapsis.com/archives/bugtraq/2000-07/0321.html

www.securityfocus.com/bid/1510

exchange.xforce.ibmcloud.com/vulnerabilities/4965

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.011 Low

EPSS

Percentile

84.2%

JSON

Related for CVE-2000-0671

nessus1