Vulnerabilities > CVE-2001-0075 - Unspecified vulnerability in Technote INC Technote 2000/2001/Pro
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | Technote 2000/2001 'filename' Parameter Command Execution And File Disclosure Vulnerability. CVE-2001-0075. Remote exploit for cgi platform |
| id | EDB-ID:20523 |
| last seen | 2016-02-02 |
| modified | 2000-12-27 |
| published | 2000-12-27 |
| reporter | Ksecurity |
| source | https://www.exploit-db.com/download/20523/ |
| title | Technote 2000/2001 - 'filename' Parameter Command Execution And File Disclosure Vulnerability |
Nessus
| NASL family | CGI abuses |
| NASL id | TECHNOTE.NASL |
| description | The technote CGI board is installed. This board has a well known security flaw in the CGI main.cgi that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or nobody). |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10584 |
| published | 2000-12-29 |
| reporter | This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10584 |
| title | Technote main.cgi filename Parameter Traversal Arbitrary File Access |