Vulnerabilities > CVE-2003-0338 - Directory Traversal vulnerability in Wsmp3 Daemon and Wsmp3 web Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 10 |
Exploit-Db
description | WSMP3 0.0.x Remote Command Execution Vulnerability. CVE-2003-0338. Remote exploit for linux platform |
id | EDB-ID:22623 |
last seen | 2016-02-02 |
modified | 2003-05-21 |
published | 2003-05-21 |
reporter | dong-h0un U |
source | https://www.exploit-db.com/download/22623/ |
title | WSMP3 0.0.x - Remote Command Execution Vulnerability |
Nessus
NASL family | Web Servers |
NASL id | WSMP3D_CMD_EXEC.NASL |
description | The remote host is using wsmp3d, an MP3 streaming web server. There is a flaw in this server that allows anyone to execute arbitrary commands and read arbitrary files with the privileges this server is running with. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11645 |
published | 2003-05-21 |
reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11645 |
title | WsMp3 Daemon (WsMp3d) HTTP Traversal Arbitrary File Execution/Access |
code |
|