Vulnerabilities > CVE-2002-0543 - Unspecified vulnerability in Aprelium Technologies Abyss web Server 1.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
aprelium-technologies
exploit available
NVD
Published: 2002-07-03
Updated: 2008-09-05

Summary

Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request.

Vulnerable Configurations

Part Description Count
Application
Aprelium_Technologies
1

Exploit-Db

descriptionAbyss Web Server 1.0 File Disclosure Vulnerability. CVE-2002-0543,CVE-2002-0544. Remote exploit for windows platform
idEDB-ID:21367
last seen2016-02-02
modified2002-04-07
published2002-04-07
reporterJeremy Roberts
sourcehttps://www.exploit-db.com/download/21367/
titleAbyss Web Server 1.0 File Disclosure Vulnerability

References