5
CVSSv2

CVE-2000-0660

Published: 12/07/2000 Updated: 10/10/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The WDaemon web server for WorldClient 2.1 allows remote malicious users to read arbitrary files via a .. (dot dot) attack.

Vulnerable Product Search on Vulmon Subscribe to Product

alt-n worldclient 2.1

Exploits

source: wwwsecurityfocuscom/bid/1462/info The HTTP interface for WorldClient 21 is vulnerable to a directory traversal By requesting a URL composed of the filename and \ it is possible for a remote user to retrieve and dowload any file of known location Example: emailvictimcom/\\\winnt\repair\sam_ ...