Vulnerabilities > CVE-2005-1365 - Directory Traversal vulnerability in Pserv

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

pico-server

critical

exploit available

NVD

Published: 2005-05-16

Updated: 2016-10-18

Summary

Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences.

Vulnerable Configurations

Part	Description	Count
Application	Pico_Server Pico Server Pico Server 3.0 Pico Server Pico Server 3.0_Beta_3 Pico Server Pico Server 3.1 Pico Server Pico Server 3.2	4

Exploit-Db

description	Pserv 3.2 Directory Traversal Vulnerability. CVE-2005-1365. Remote exploit for linux platform
id	EDB-ID:25669
last seen	2016-02-03
modified	2005-05-16
published	2005-05-16
reporter	Claus R. F. Overbeck
source	https://www.exploit-db.com/download/25669/
title	pserv 3.2 - Directory Traversal Vulnerability

Packetstorm

data source	https://packetstormsecurity.com/files/download/39267/pservBad.txt
id	PACKETSTORM:39267
last seen	2016-12-05
published	2005-08-14
reporter	tsyklon.informatik.rwth-aachen.de
source	https://packetstormsecurity.com/files/39267/pservBad.txt.html
title	pservBad.txt

Summary

Vulnerable Configurations

Exploit-Db

Packetstorm

References