ID CVE-1999-1509
Summary Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL.
References
Vulnerable Configurations
  • cpe:2.3:a:etype:eserv:2.50
    cpe:2.3:a:etype:eserv:2.50
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
exploit-db via4
description Etype Eserv 2.50 Directory Traversal Vulnerability. CVE-1999-1509. Remote exploit for windows platform
id EDB-ID:19601
last seen 2016-02-02
modified 1999-11-04
published 1999-11-04
reporter Ussr Labs
source https://www.exploit-db.com/download/19601/
title etype eserv 2.50 - Directory Traversal Vulnerability
nessus via4
NASL family Web Servers
NASL id ESERV.NASL
description The version of Eserv running on the remote host is vulnerable to a directory traversal attack. It is possible to read arbitrary files on the server by prepending ../../ or ..\..\ in front of the file name. A remote attacker could exploit this to read arbitrary files on the server, which could be used to mount further attacks.
last seen 2019-02-21
modified 2018-11-15
plugin id 10063
published 1999-11-05
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10063
title Eserv GET Request Traversal Arbitrary File Access
refmap via4
bid 773
bugtraq 19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability
ntbugtraq 19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability
xf eserv-fileread
Last major update 17-10-2016 - 22:05
Published 04-11-1999 - 00:00
Back to Top