Vulnerabilities > CVE-1999-1509 - Directory Traversal vulnerability in Etype Eserv 2.50
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Etype Eserv 2.50 Directory Traversal Vulnerability. CVE-1999-1509. Remote exploit for windows platform |
id | EDB-ID:19601 |
last seen | 2016-02-02 |
modified | 1999-11-04 |
published | 1999-11-04 |
reporter | Ussr Labs |
source | https://www.exploit-db.com/download/19601/ |
title | etype eserv 2.50 - Directory Traversal Vulnerability |
Nessus
NASL family | Web Servers |
NASL id | ESERV.NASL |
description | The version of Eserv running on the remote host is vulnerable to a directory traversal attack. It is possible to read arbitrary files on the server by prepending ../../ or ..\..\ in front of the file name. A remote attacker could exploit this to read arbitrary files on the server, which could be used to mount further attacks. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10063 |
published | 1999-11-05 |
reporter | This script is Copyright (C) 1999-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10063 |
title | Eserv GET Request Traversal Arbitrary File Access |
code |
|