ID CVE-2002-1864
Summary Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request.
References
Vulnerable Configurations
  • cpe:2.3:a:sws:sws_simple_web_server:0.0.3
    cpe:2.3:a:sws:sws_simple_web_server:0.0.3
  • cpe:2.3:a:sws:sws_simple_web_server:0.0.4
    cpe:2.3:a:sws:sws_simple_web_server:0.0.4
  • cpe:2.3:a:sws:sws_simple_web_server:0.1.0
    cpe:2.3:a:sws:sws_simple_web_server:0.1.0
  • cpe:2.3:a:sws:sws_simple_web_server:0.1.1
    cpe:2.3:a:sws:sws_simple_web_server:0.1.1
CVSS
Base: 5.0 (as of 28-07-2005 - 10:30)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
metasploit via4
description This module exploits a directory traversal vulnerability found in Simple Web Server 2.3-RC1.
id MSF:AUXILIARY/SCANNER/HTTP/SIMPLE_WEBSERVER_TRAVERSAL
last seen 2019-03-07
modified 2019-03-05
published 2013-02-06
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/simple_webserver_traversal.rb
title Simple Web Server 2.3-RC1 Directory Traversal
refmap via4
bid 5662
bugtraq 20020903 Re: SWS Web Server v0.1.0 Exploit
xf sws-webserver-directory-traversal(10070)
Last major update 05-09-2008 - 16:31
Published 31-12-2002 - 00:00
Back to Top