Lucene search

MitreCVE-2005-0450

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0450

2005-05-0204:00:00

mitre

web.nvd.nist.gov

cve-2005-0450

directory traversal

sami http server

remote attackers

arbitrary file read

http request

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.1

Confidence

Low

EPSS

0.011

Percentile

84.5%

JSON

Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows remote attackers to read arbitrary files via an HTTP request containing (1) … (dot dot) or (2) “%2e%2e” (encoded dot dot) sequences.

Affected configurations

Nvd

Node

samisami_http_serverMatch1.0.5

VendorProductVersionCPE
samisami_http_server1.0.5cpe:2.3:a:sami:sami_http_server:1.0.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sami	sami_http_server	1.0.5	cpe:2.3:a:sami:sami_http_server:1.0.5:::::::*

References

secunia.com/advisories/14283

securitytracker.com/id?1013191

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.1

Confidence

Low

EPSS

0.011

Percentile

84.5%

JSON

Related for CVE-2005-0450