Vulnerabilities > CVE-2001-0523 - Unspecified vulnerability in Eeye Digital Security Secureiis and Securells

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

eeye-digital-security

NVD

Published: 2001-08-14

Updated: 2024-11-20

Summary

eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected.

Vulnerable Configurations

Part	Description	Count
Application	Eeye_Digital_Security Eeye Digital Security Securells * Eeye Digital Security Secureiis 1.0.2	2

References

http://archives.neohapsis.com/archives/bugtraq/2001-05/0185.html
http://archives.neohapsis.com/archives/bugtraq/2001-05/0185.html
http://archives.neohapsis.com/archives/bugtraq/2001-05/0197.html
http://archives.neohapsis.com/archives/bugtraq/2001-05/0197.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/6563
https://exchange.xforce.ibmcloud.com/vulnerabilities/6563
https://exchange.xforce.ibmcloud.com/vulnerabilities/6564
https://exchange.xforce.ibmcloud.com/vulnerabilities/6564