Vulnerabilities > CVE-2002-1133 - Unspecified vulnerability in Funsoft Dinos Webserver 1.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "\" (%5c) characters.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/29741/idefense.dinoweb.txt |
| id | PACKETSTORM:29741 |
| last seen | 2016-12-05 |
| published | 2002-09-24 |
| reporter | David Endler |
| source | https://packetstormsecurity.com/files/29741/idefense.dinoweb.txt.html |
| title | idefense.dinoweb.txt |
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0127.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0127.html
- http://marc.info/?l=bugtraq&m=103281444824285&w=2
- http://marc.info/?l=bugtraq&m=103281444824285&w=2
- http://www.iss.net/security_center/static/10168.php
- http://www.iss.net/security_center/static/10168.php
- http://www.securityfocus.com/bid/5782
- http://www.securityfocus.com/bid/5782