Vulnerabilities > CVE-2004-0072 - Remote File Disclosure vulnerability in Accipiter Direct Server 6.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

accipiter

exploit available

NVD

Published: 2004-02-17

Updated: 2017-07-11

Summary

Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arbitrary files via encoded \.. (backslash .., "%5c%2e%2e") sequences in an HTTP request.

Vulnerable Configurations

Part	Description	Count
Application	Accipiter Accipiter Accipiter Direct Server 6.0	1

Exploit-Db

description	Accipiter DirectServer 6.0 Remote File Disclosure Vulnerability. CVE-2004-0072. Remote exploit for windows platform
id	EDB-ID:23533
last seen	2016-02-02
modified	2004-01-09
published	2004-01-09
reporter	Mark Bassett
source	https://www.exploit-db.com/download/23533/
title	Accipiter DirectServer 6.0 - Remote File Disclosure Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References