CVE-2001-0693 - WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filenam

CVE-2001-0693

Summary

WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20).

References

Vulnerable Configurations

cpe:2.3:a:webtrends:webtrends_enterprise_reporting_server:3.1c:*:*:*:*:*:*:*
cpe:2.3:a:webtrends:webtrends_enterprise_reporting_server:3.1c:*:*:*:*:*:*:*
cpe:2.3:a:webtrends:webtrends_enterprise_reporting_server_nt:3.5:*:*:*:*:*:*:*
cpe:2.3:a:webtrends:webtrends_enterprise_reporting_server_nt:3.5:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	2812
bugtraq	20010603 Webtrends HTTP Server %20 bug
xf	webtrends-unicode-reveal-source(6639)

Last major update

19-12-2017 - 02:29

Published

20-09-2001 - 04:00

Last modified

19-12-2017 - 02:29