CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1864

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0730%
EPSS Percentile22.81th
PublishedDec 31, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request.

Affected Platforms (CPE)

πŸ“¦
Sws

Sws Simple Web Server

= 0.0.3
πŸ“¦
Sws

Sws Simple Web Server

= 0.0.4
πŸ“¦
Sws

Sws Simple Web Server

= 0.1.0
πŸ“¦
Sws

Sws Simple Web Server

= 0.1.1

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2002-09/0047.html
πŸ”— http://www.iss.net/security_center/static/10070.php
πŸ”— http://www.securityfocus.com/bid/5662
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2002-09/0047.html
πŸ”— http://www.iss.net/security_center/static/10070.php
πŸ”— http://www.securityfocus.com/bid/5662

Related Vulnerabilities

CVE-2002-18707.5

Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle when the recv function call fails, which may allow remote att...

CVE-2002-18665.0

Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file descriptors for 404 error messages, which could allow remote attac...

CVE-2002-000510.0

Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary...

CVE-2002-000710.0

CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a re...