Lucene search
HistoryJul 27, 2004 - 4:00 a.m.
CVE-2004-0696
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
High
EPSS
0.006
Percentile
77.9%
The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a “*” (asterisk) character.
Affected configurations
Node
4dwebstarMatch4.0
OR4dwebstarMatch5.2
OR4dwebstarMatch5.2.1
OR4dwebstarMatch5.2.2
OR4dwebstarMatch5.2.3
OR4dwebstarMatch5.2.4
OR4dwebstarMatch5.3
OR4dwebstarMatch5.3.1
OR4dwebstarMatch5.3.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| 4d | webstar | 4.0 | cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:* |
| 4d | webstar | 5.2 | cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:* |
| 4d | webstar | 5.2.1 | cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:* |
| 4d | webstar | 5.2.2 | cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:* |
| 4d | webstar | 5.2.3 | cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:* |
| 4d | webstar | 5.2.4 | cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:* |
| 4d | webstar | 5.3 | cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:* |
| 4d | webstar | 5.3.1 | cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:* |
| 4d | webstar | 5.3.2 | cpe:2.3:a:4d:webstar:5.3.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2004-0696
2004-07-16 04:00:00
cve
cve
CVE-2004-0696
2004-07-27 04:00:00
nessus
nessus
4D WebStar Arbitrary Multiple Vulnerabilities
2004-08-03 00:00:00
Multiple Dangerous CGI Script Detection
2003-06-17 00:00:00
openvas
openvas
Detection of various dangerous CGI scripts (HTTP) - Active Check
2005-11-03 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
High
EPSS
0.006
Percentile
77.9%
Related for NVD:CVE-2004-0696