4 matches found
EUVD-2002-0094
Malware in sbrugna...
CVE-2002-0095
The default configuration of BSCW Basic Support for Cooperative Work 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed...
CVE-2002-0094
configconverters.py in BSCW Basic Support for Cooperative Work 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion...
BSCW vulnerable to arbitrary file overwriting via symlink redirection of temporary file
Overview BSCW is a groupware system that runs on a web server. BSCW follows symbolic links in tar files that it extracts into a user's local area. Accessing those links may allow the user to view arbitrary files viewable by the web server, and to overwrite files writable by the web server...