CVE-2000-0144 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2000-0144

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack.

Affected Software

Name	Vendor	Start Version	End Version
700_network_document_server	Axis	1.0 (including)	1.0 (including)
700_network_document_server	Axis	1.10 (including)	1.10 (including)
700_network_document_server	Axis	1.11 (including)	1.11 (including)
700_network_document_server	Axis	1.12 (including)	1.12 (including)
700_network_document_server	Axis	1.13 (including)	1.13 (including)
700_network_document_server	Axis	1.14 (including)	1.14 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2000-02/0034.html
http://www.securityfocus.com/bid/971