Lucene search

[email protected]CVE-2000-0920

HistoryDec 19, 2000 - 5:00 a.m.

CVE-2000-0920

2000-12-1905:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0920

information security document

boa web server

vulnerability

get http request

nvd.

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.025 Low

EPSS

Percentile

90.0%

JSON

Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified … (dot dot) attack in the GET HTTP request that uses a “%2E” instead of a “.”

CPENameOperatorVersion
boa:boa_webserverboa boa webserverle0.94.8.2

CPE	Name	Operator	Version
boa:boa_webserver	boa boa webserver	le	0.94.8.2

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:60.boa.asc

archives.neohapsis.com/archives/bugtraq/2000-10/0092.html

www.debian.org/security/2000/20001009

www.securityfocus.com/bid/1770

exchange.xforce.ibmcloud.com/vulnerabilities/5330

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.025 Low

EPSS

Percentile

90.0%

JSON

Related for CVE-2000-0920

securityvulns1 nessus1 openvas2 zdt1