Lucene search

[email protected]NVD:CVE-2002-0307

HistoryMay 31, 2002 - 4:00 a.m.

CVE-2002-0307

2002-05-3104:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.047

Percentile

92.6%

JSON

Directory traversal vulnerability in ans.pl in Avenger’s News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a … (dot dot) in the p parameter, which reads the target file and attempts to execute the line using Perl’s eval function.

Affected configurations

Nvd

Node

avengers_news_systemavengers_news_systemMatch2.01

avengers_news_systemavengers_news_systemMatch2.11

VendorProductVersionCPE
avengers_news_systemavengers_news_system2.01cpe:2.3:a:avengers_news_system:avengers_news_system:2.01:*:*:*:*:*:*:*
avengers_news_systemavengers_news_system2.11cpe:2.3:a:avengers_news_system:avengers_news_system:2.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
avengers_news_system	avengers_news_system	2.01	cpe:2.3:a:avengers_news_system:avengers_news_system:2.01:::::::*
avengers_news_system	avengers_news_system	2.11	cpe:2.3:a:avengers_news_system:avengers_news_system:2.11:::::::*

References

marc.info/?l=bugtraq&m=101430868616112&w=2

www.securityfocus.com/bid/4147

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.047

Percentile

92.6%

JSON

Related for NVD:CVE-2002-0307

cvelist1 cve1 openvas1