Lucene search

[email protected]CVE-2003-0338

HistoryMay 21, 2003 - 4:00 a.m.

CVE-2003-0338

2003-05-2104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0338

wsmp3d

vulnerability

directory traversal

http requests

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.131 Low

EPSS

Percentile

95.4%

JSON

Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via … (dot dot) sequences in HTTP GET or POST requests.

CPENameOperatorVersion
wsmp3:wsmp3_daemonwsmp3 wsmp3 daemoneq0.0.8
wsmp3:wsmp3_web_serverwsmp3 wsmp3 web servereq0.0.1
wsmp3:wsmp3_web_serverwsmp3 wsmp3 web servereq0.0.6
wsmp3:wsmp3_daemonwsmp3 wsmp3 daemoneq0.0.10
wsmp3:wsmp3_web_serverwsmp3 wsmp3 web servereq0.0.4
wsmp3:wsmp3_daemonwsmp3 wsmp3 daemoneq0.0.9
wsmp3:wsmp3_web_serverwsmp3 wsmp3 web servereq0.0.3
wsmp3:wsmp3_web_serverwsmp3 wsmp3 web servereq0.0.7
wsmp3:wsmp3_web_serverwsmp3 wsmp3 web servereq0.0.5
wsmp3:wsmp3_web_serverwsmp3 wsmp3 web servereq0.0.2

CPE	Name	Operator	Version
wsmp3:wsmp3_daemon	wsmp3 wsmp3 daemon	eq	0.0.8
wsmp3:wsmp3_web_server	wsmp3 wsmp3 web server	eq	0.0.1
wsmp3:wsmp3_web_server	wsmp3 wsmp3 web server	eq	0.0.6
wsmp3:wsmp3_daemon	wsmp3 wsmp3 daemon	eq	0.0.10
wsmp3:wsmp3_web_server	wsmp3 wsmp3 web server	eq	0.0.4
wsmp3:wsmp3_daemon	wsmp3 wsmp3 daemon	eq	0.0.9
wsmp3:wsmp3_web_server	wsmp3 wsmp3 web server	eq	0.0.3
wsmp3:wsmp3_web_server	wsmp3 wsmp3 web server	eq	0.0.7
wsmp3:wsmp3_web_server	wsmp3 wsmp3 web server	eq	0.0.5
wsmp3:wsmp3_web_server	wsmp3 wsmp3 web server	eq	0.0.2

References

archives.neohapsis.com/archives/vulnwatch/2003-q2/0077.html

marc.info/?l=bugtraq&m=105353168619211&w=2

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.131 Low

EPSS

Percentile

95.4%

JSON

Related for CVE-2003-0338

nessus1