Pico Server Security Vulnerabilities and Issues — Pico Server CVE List

Lucene search

Pico ServerPico Server

5 matches found

CVE•added 2005/05/16 4:0 a.m.•41 views

CVE-2005-1365

Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences.

10CVSS7.6AI score0.07343EPSS

CVE•added 2005/06/14 4:0 a.m.•36 views

CVE-2005-1953

Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP request.

7.5CVSS8.5AI score0.03422EPSS

CVE•added 2005/06/16 4:0 a.m.•34 views

CVE-2005-1952

Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory depth count.

7.5CVSS7.8AI score0.01728EPSS

CVE•added 2005/05/16 4:0 a.m.•33 views

CVE-2005-1366

Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL.

7.5CVSS6.8AI score0.04734EPSS

CVE•added 2005/05/16 4:0 a.m.•31 views

CVE-2005-1367

Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root.

7.5CVSS6.3AI score0.00415EPSS