Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 11/10/2002 Updated: 18/10/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Directory traversal vulnerability in the CGIServlet for Jetty HTTP server prior to 4.1.0 allows remote malicious users to execute arbitrary commands via ..\ (dot-dot backslash) sequences in an HTTP request to the cgi-bin directory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jetty jetty http server

source: wwwsecurityfocuscom/bid/5852/info A flaw in the CGIServlet in Jetty allows an attacker to execute arbitrary commands on the server Specifically, it is possible for an attacker to use directory traversal sequences and cause the CGIServlet to execute attacker-specified commands (such as running executables on the host) This vulne ...

NVD-CWE-Other http://www.iss.net/security_center/static/10246.php http://groups.yahoo.com/group/jetty-announce/message/45 http://www.securityfocus.com/bid/5852 http://www.westpoint.ltd.uk/advisories/wp-02-0011.txt http://marc.info/?l=bugtraq&m=103358725813039&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/21895/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1178

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect