Lucene search

MitreCVE-2002-1238

HistoryNov 12, 2002 - 5:00 a.m.

CVE-2002-1238

2002-11-1205:00:00

mitre

web.nvd.nist.gov

cve-2002-1238

peter sandvik

simple web server

access restrictions

http

security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.017

Percentile

87.7%

JSON

Peter Sandvik’s Simple Web Server 0.5.1 and earlier allows remote attackers to bypass access restrictions for files via an HTTP request with a sequence of multiple / (slash) characters such as http://www.example.com///file/.

Affected configurations

Nvd

Node

peter_sandviksimple_web_serverRange≤0.5.1

VendorProductVersionCPE
peter_sandviksimple_web_server*cpe:2.3:a:peter_sandvik:simple_web_server:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
peter_sandvik	simple_web_server	*	cpe:2.3:a:peter_sandvik:simple_web_server::::::::

References

archives.neohapsis.com/archives/vulnwatch/2002-q4/0065.html

marc.info/?l=bugtraq&m=103679016031857&w=2

www.idefense.com/advisory/11.08.02a.txt

www.securityfocus.com/bid/6145

exchange.xforce.ibmcloud.com/vulnerabilities/10563

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.017

Percentile

87.7%

JSON

Related for CVE-2002-1238