2 matches found
CVE-2001-1108
CVE-2001-1108 refers to a directory traversal vulnerability in SnapStream PVS 1.2a, where remote attackers could read arbitrary files by injecting a .. sequence in the requested URL. OpenVAS entries describe exploiting by prepending ../../ to file names, potentially exposing files like ssd.ini th...
CVE-2001-1107
CVE-2001-1107 affects SnapStream PVS 1.2a, where passwords are stored in plaintext in the SSD.ini file. This storage flaw could allow a remote attacker to gain privileges on the affected server. The available documents do not specify a patch or version that fixes the issue, nor provide exploit de...