CyberSec.Space Logo
返回 CVE 浏览器

CVE-2001-1586

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1650%
EPSS Percentile40.75th
Published2010年2月12日
Last Modified2026年4月29日

Vulnerability Description

Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier allows remote attackers to execute arbitrary programs via encoded ../ ("%2E%2E%2F%") sequences in a request to the cgi-bin/ directory, a different vulnerability than CVE-2000-0664.

Affected Platforms (CPE)

📦
Analogx

Simpleserver Www

<= 1.13
📦
Analogx

Simpleserver Www

= 1.0.8
📦
Analogx

Simpleserver Www

= 1.01
📦
Analogx

Simpleserver Www

= 1.03
📦
Analogx

Simpleserver Www

= 1.04
📦
Analogx

Simpleserver Www

= 1.05
📦
Analogx

Simpleserver Www

= 1.06

References & Advisories

🔗 http://seclists.org/bugtraq/2001/Jul/660
🔗 http://www.analogx.com/contents/download/network/sswww.htm
🔗 http://www.securiteam.com/windowsntfocus/5TP0B1P4UK.html
🔗 http://www.securityfocus.com/bid/3112
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/56631
🔗 http://seclists.org/bugtraq/2001/Jul/660
🔗 http://www.analogx.com/contents/download/network/sswww.htm
🔗 http://www.securiteam.com/windowsntfocus/5TP0B1P4UK.html

相关漏洞威胁

CVE-2000-00117.5

Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request.

CVE-2002-09687.5

Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and exec...

CVE-2000-02435.0

AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a short GET request to cgi-bin.

CVE-2000-06645.0

AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that ...