Vulnerabilities > CVE-2000-0687 - Directory Traversal vulnerability in CGI Script Center Auction Weaver

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
cgi-script-center
critical

Summary

Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter.

Vulnerable Configurations

Part Description Count
Application
Cgi_Script_Center
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/23375/auction.weaver.txt
idPACKETSTORM:23375
last seen2016-12-05
published2000-10-19
reportermitre.org
sourcehttps://packetstormsecurity.com/files/23375/auction.weaver.txt.html
titleauction.weaver.txt