CyberSec.Space Logo
Back to CVE Browser

CVE-2001-1586

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1650%
EPSS Percentile40.75th
PublishedFeb 12, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier allows remote attackers to execute arbitrary programs via encoded ../ ("%2E%2E%2F%") sequences in a request to the cgi-bin/ directory, a different vulnerability than CVE-2000-0664.

Affected Platforms (CPE)

πŸ“¦
Analogx

Simpleserver Www

<= 1.13
πŸ“¦
Analogx

Simpleserver Www

= 1.0.8
πŸ“¦
Analogx

Simpleserver Www

= 1.01
πŸ“¦
Analogx

Simpleserver Www

= 1.03
πŸ“¦
Analogx

Simpleserver Www

= 1.04
πŸ“¦
Analogx

Simpleserver Www

= 1.05
πŸ“¦
Analogx

Simpleserver Www

= 1.06

References & Advisories

πŸ”— http://seclists.org/bugtraq/2001/Jul/660
πŸ”— http://www.analogx.com/contents/download/network/sswww.htm
πŸ”— http://www.securiteam.com/windowsntfocus/5TP0B1P4UK.html
πŸ”— http://www.securityfocus.com/bid/3112
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/56631
πŸ”— http://seclists.org/bugtraq/2001/Jul/660
πŸ”— http://www.analogx.com/contents/download/network/sswww.htm
πŸ”— http://www.securiteam.com/windowsntfocus/5TP0B1P4UK.html

Related Vulnerabilities

CVE-2000-00117.5

Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request.

CVE-2002-09687.5

Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and exec...

CVE-2000-02435.0

AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a short GET request to cgi-bin.

CVE-2000-06645.0

AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that ...