Lucene search

MitreCVE-2004-2116

HistoryMay 27, 2005 - 4:00 a.m.

CVE-2004-2116

2005-05-2704:00:00

mitre

web.nvd.nist.gov

cve

2004

2116

directory traversal

tiny server

remote attackers

arbitrary files

url

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.1

Confidence

Low

EPSS

0.014

Percentile

86.6%

JSON

Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a … (dot dot) in the URL.

Affected configurations

Nvd

Node

tinyservertinyserverMatch1.1

VendorProductVersionCPE
tinyservertinyserver1.1cpe:2.3:a:tinyserver:tinyserver:1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tinyserver	tinyserver	1.1	cpe:2.3:a:tinyserver:tinyserver:1.1:::::::*

References

marc.info/?l=bugtraq&m=107496530806730&w=2

packetstormsecurity.com/files/129320/Tiny-Server-1.1.9-Arbitrary-File-Disclosure.html

secunia.com/advisories/10707

www.autistici.org/fdonato/advisory/tinyServer1.1%5B1.0.5%5D-adv.txt

www.osvdb.org/3708

www.securityfocus.com/bid/9485

exchange.xforce.ibmcloud.com/vulnerabilities/14927

exchange.xforce.ibmcloud.com/vulnerabilities/99048

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.1

Confidence

Low

EPSS

0.014

Percentile

86.6%

JSON

Related for CVE-2004-2116