Vulnerabilities > CVE-2001-0453 - Directory Traversal vulnerability in BRS WebWeaver

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

brs

NVD

Published: 2001-06-27

Updated: 2008-09-05

Summary

Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.

Vulnerable Configurations

Part	Description	Count
Application	Brs BRS Webweaver 0.49_Beta BRS Webweaver 0.50_Beta BRS Webweaver 0.51_Beta BRS Webweaver 0.52_Beta BRS Webweaver 0.60_Beta BRS Webweaver 0.61_Beta BRS Webweaver 0.62_Beta	7

References

http://archives.neohapsis.com/archives/bugtraq/2001-04/0519.html
http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html
http://www.securityfocus.com/bid/2675