ID OSVDB:33513 Type osvdb Reporter OSVDB Modified 2007-02-12T00:24:38
Description
Solution Description
Upgrade to version 0.0.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
References:
Vendor URL: http://miniwebsvr.sourceforge.net/
Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=492667&group_id=187000
Mail List Post: http://attrition.org/pipermail/vim/2007-February/001315.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-02/0157.html
ISS X-Force ID: 32451
CVE-2007-0919
Bugtraq ID: 22523
{"href": "https://vulners.com/osvdb/OSVDB:33513", "history": [], "id": "OSVDB:33513", "reporter": "OSVDB", "published": "2007-02-12T00:24:38", "description": "## Solution Description\nUpgrade to version 0.0.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://miniwebsvr.sourceforge.net/\nVendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=492667&group_id=187000\nMail List Post: http://attrition.org/pipermail/vim/2007-February/001315.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-02/0157.html\nISS X-Force ID: 32451\n[CVE-2007-0919](https://vulners.com/cve/CVE-2007-0919)\nBugtraq ID: 22523\n", "title": "MiniWebsvr Encoded Traversal Arbitrary File Access", "lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "type": "osvdb", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "hash": "5897e04bbd22ba858241f45b299cd3b335d1773a293bae3464ca47b9e72b77b4", "references": [], "edition": 1, "cvelist": ["CVE-2007-0919"], "affectedSoftware": [], "viewCount": 0, "enchantments": {"score": {"value": 6.5, "vector": "NONE", "modified": "2017-04-28T13:20:29"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-0919"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7218"]}], "modified": "2017-04-28T13:20:29"}, "vulnersScore": 6.5}, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "f32af0d58325a68c258c86865ee77772"}, {"key": "cvss", "hash": "313104e31e57b9f7aa405f5f0fc56a4e"}, {"key": "description", "hash": "a4c7ca0a46c8323671ad43a7f4038d26"}, {"key": "href", "hash": "5e98858b77b695d9de846b2a376ef851"}, {"key": "modified", "hash": "3e834519eda7d9d638bb3c98cbbb6298"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "3e834519eda7d9d638bb3c98cbbb6298"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "200f60c2c54bd72ca301ff7852863dbe"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "objectVersion": "1.2", "modified": "2007-02-12T00:24:38"}
{"cve": [{"lastseen": "2019-05-29T18:08:58", "bulletinFamily": "NVD", "description": "Directory traversal vulnerability in Nickolas Grigoriadis Mini Web server (MiniWebsvr) 0.0.6 allows remote attackers to list the directory immediately above the web root via a ..%00 sequence in the URI.", "modified": "2018-10-16T16:35:00", "id": "CVE-2007-0919", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0919", "published": "2007-02-14T11:28:00", "title": "CVE-2007-0919", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:23", "bulletinFamily": "software", "description": "It's possible to retrieve parent directory listing with /..%00 request.", "modified": "2007-02-13T00:00:00", "published": "2007-02-13T00:00:00", "id": "SECURITYVULNS:VULN:7218", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7218", "title": "Miniwebsvr web server directory traversal", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}]}