5 matches found
CVE-2001-0453
The CVE-2001-0453 entry concerns the BRS WebWeaver HTTP server, where a directory traversal flaw allows remote attackers to read arbitrary files. The vulnerability is triggered by a .. (dot dot) path traversal in one of three directories (syshelp, sysimages, or scripts). The provided documents co...
CVE-2001-0452
CVE-2001-0452 affects the BRS WebWeaver FTP server prior to 0.64 Beta. The vulnerability allows a remote attacker to obtain the real pathname of the server by issuing a sequence: first a problematic CD * command, followed by an ls. The available documents confirm the affected product and the exac...
CVE-2003-0409
CVE-2003-0409 affects BRS WebWeaver (versions 1.04 and earlier). The vulnerability is a buffer overflow triggered by excessively long HTTP POST or HEAD requests, allowing remote attackers to cause a denial of service (crash) and potentially execute arbitrary code. The connected documents (NVD/NVD...
CVE-2002-1546
The CVE-2002-1546 issue affects BRS WebWeaver Web Server 1.01 and allows remote attackers to bypass password protections for files and directories by sending an HTTP request that includes a "/./" sequence. This is a path traversal-like bypass vulnerability. According to the source data, the vulne...
CVE-2003-1165
CVE-2003-1165 concerns BRS WebWeaver 1.06 and earlier. The vulnerability is a buffer overflow in processing an HTTP request with a long User-Agent header, allowing remote attackers over the network to trigger a crash (DoS) and potentially execute arbitrary code. The NVD entry lists a base score o...