CVE Vulnerabilities

CVE-2001-0557

Published: Aug 14, 2001 | Modified: Dec 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a .. (dot dot) attack which is URL encoded (%2e%2e).

Affected Software

Name Vendor Start Version End Version
Jana_web_server T._hauck 1.0j 1.0j
Jana_web_server T._hauck 1.45 1.45
Jana_web_server T._hauck * 1.46
Jana_web_server T._hauck 2.0_beta_1 2.0_beta_1

References