Lucene search

MitreCVE-2001-0842

HistoryDec 06, 2001 - 5:00 a.m.

CVE-2001-0842

2001-12-0605:00:00

mitre

web.nvd.nist.gov

cve-2001-0842

leoboard lb5000

directory traversal vulnerability

search.cgi

remote attackers

overwrite files

gain privileges.

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.006

Percentile

78.0%

JSON

Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via … (dot dot) sequences in the amembernamecookie cookie.

Affected configurations

Nvd

Node

leoboardlb5000Range≤1029

VendorProductVersionCPE
leoboardlb5000*cpe:2.3:a:leoboard:lb5000:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
leoboard	lb5000	*	cpe:2.3:a:leoboard:lb5000::::::::

References

marc.info/?l=bugtraq&m=100446455809273&w=2

www.iss.net/security_center/static/7436.php

www.securityfocus.com/bid/3484

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.006

Percentile

78.0%

JSON

Related for CVE-2001-0842