CVE-1999-1590 - Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attac

CVE-1999-1590

Summary

Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021.

References

http://seclists.org/bugtraq/1997/Oct/0058.html

Vulnerable Configurations

cpe:2.3:a:wwwcount:wwwcount:2.3:*:*:*:*:*:*:*
cpe:2.3:a:wwwcount:wwwcount:2.3:*:*:*:*:*:*:*

CVSS

Base:	3.5 (as of 05-09-2008 - 20:19)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:M/Au:S/C:P/I:N/A:N

refmap via4

bugtraq

19971010 Security flaw in Count.cgi (wwwcount)

Last major update

05-09-2008 - 20:19

Published

31-12-1999 - 05:00

Last modified

05-09-2008 - 20:19