Lucene search

[email protected]NVD:CVE-2001-0835

HistoryDec 06, 2001 - 5:00 a.m.

CVE-2001-0835

2001-12-0605:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.0%

JSON

Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly other versions, allows remote attackers to inject arbitrary HTML tags by specifying them in (1) search keywords embedded in HTTP referrer information, or (2) host names that are retrieved via a reverse DNS lookup.

Affected configurations

NVD

Node

bradford_barrettwebalizerRange≤2.0.6

References

lists.suse.com/archives/suse-security-announce/2001-Nov/0001.html

marc.info/?l=bugtraq&m=100394630702875&w=2

www.linuxsecurity.com/advisories/other_advisory-1677.html

www.mrunix.net/webalizer/news.html

www.redhat.com/support/errata/RHSA-2001-140.html

www.redhat.com/support/errata/RHSA-2001-141.html

www.securityfocus.com/bid/3473

exchange.xforce.ibmcloud.com/vulnerabilities/7350

exchange.xforce.ibmcloud.com/vulnerabilities/7351

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.0%

JSON

Related for NVD:CVE-2001-0835

openvas2 nessus1 cve1 cvelist1 suse1