Lucene search
MitreCVE-2007-5685HistoryOct 28, 2007 - 5:08 p.m.
CVE-2007-5685
2007-10-2817:08:00
CWE-22
mitre
web.nvd.nist.gov
19
cve-2007-5685
shttp
directory traversal
file read
security vulnerability
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.011
Percentile
84.8%
The safe_path function in shttp before 0.0.5 allows remote attackers to conduct directory traversal attacks and read files via a combination of “…” and sub-directory specifiers that resolve to a pathname that is at or below the same level as the web document root, but in a different part of the directory tree.
Affected configurations
Node
serverkitshttpRange≤0.0.4
Related
prion
prion
Directory traversal
2007-10-28 17:08:00
exploitdb
exploitdb
Shttp 0.0.x - Directory Traversal
2007-10-25 00:00:00
cvelist
cvelist
CVE-2007-5685
2007-10-28 16:00:00
nvd
nvd
CVE-2007-5685
2007-10-28 17:08:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.011
Percentile
84.8%
Related for CVE-2007-5685