CVE-2002-0307

2002-05-0304:00:00

mitre

www.cve.org

7 High

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.6%

JSON

Directory traversal vulnerability in ans.pl in Avenger’s News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a … (dot dot) in the p parameter, which reads the target file and attempts to execute the line using Perl’s eval function.

References

marc.info/?l=bugtraq&m=101430868616112&w=2

www.securityfocus.com/bid/4147