Lucene search

[email protected]CVE-2002-0307

HistoryMay 31, 2002 - 4:00 a.m.

CVE-2002-0307

2002-05-3104:00:00

[email protected]

web.nvd.nist.gov

128

cve-2002-0307

ans 2.11

ans.pl

directory traversal

remote execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.6%

JSON

Directory traversal vulnerability in ans.pl in Avenger’s News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a … (dot dot) in the p parameter, which reads the target file and attempts to execute the line using Perl’s eval function.

Affected configurations

NVD

Node

avengers_news_systemavengers_news_systemMatch2.01

avengers_news_systemavengers_news_systemMatch2.11

CPENameOperatorVersion
avengers_news_system:avengers_news_systemavengers news systemeq2.01
avengers_news_system:avengers_news_systemavengers news systemeq2.11

CPE	Name	Operator	Version
avengers_news_system:avengers_news_system	avengers news system	eq	2.01
avengers_news_system:avengers_news_system	avengers news system	eq	2.11

References

marc.info/?l=bugtraq&m=101430868616112&w=2

www.securityfocus.com/bid/4147

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.6%

JSON

Related for CVE-2002-0307

openvas1 cvelist1 nvd1