Vulnerabilities > CVE-2000-0039 - Unspecified vulnerability in Altavista Search Intranet 2.0B/2.3A
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | AltaVista Search Intranet 2.0 b/2.3 A Directory Traversal Vulnerability. CVE-2000-0039. Remote exploit for unix platform |
id | EDB-ID:19694 |
last seen | 2016-02-02 |
modified | 1999-12-29 |
published | 1999-12-29 |
reporter | Rudi Carell |
source | https://www.exploit-db.com/download/19694/ |
title | AltaVista Search Intranet 2.0 b/2.3 - Directory Traversal Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | ALTAVISTA_SEARCH.NASL |
description | It is possible to read the content of any files on the remote host (such as your configuration files or other sensitive data) by using the Altavista Intranet Search service, and performing the request: |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10015 |
published | 2000-01-09 |
reporter | This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10015 |
title | AltaVista Intranet Search CGI query Traversal Arbitrary File Access |
code |
|