Vulnerabilities > CVE-2002-0680

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

goahead-software

orange-software

montavista-software

exploit available

NVD

Published: 2002-07-23

Updated: 2024-11-20

Summary

Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228.

Vulnerable Configurations

Part	Description	Count
Application	Goahead_Software Goahead Software Goahead Webserver 2.1.1 Goahead Software Goahead Webserver 2.1.5 Goahead Software Goahead Webserver 2.1.2 Goahead Software Goahead Webserver 2.1.4 Goahead Software Goahead Webserver 2.1.3	5
Application	Orange_Software Orange Software Orange WEB Server 2.1	1
OS	Montavista_Software Montavista Software Hard HAT Linux 1.0	1

Exploit-Db

description	GoAhead WebServer 2.1.x URL Encoded Slash Directory Traversal Vulnerability. CVE-2002-0680. Remote exploit for windows platform
id	EDB-ID:21607
last seen	2016-02-02
modified	2002-07-10
published	2002-07-10
reporter	Matt Moore
source	https://www.exploit-db.com/download/21607/
title	GoAhead WebServer 2.1.x URL Encoded Slash Directory Traversal Vulnerability

Vulnerabilities > CVE-2002-0680 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2002-0680"}]}

Summary

Vulnerable Configurations

Exploit-Db

References

Vulnerabilities > CVE-2002-0680