Vulnerability in Goahead_software Goahead_webserver
CVE-2002-0680
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED becau…
EPSS: 0.035 (87.6th percentile) — read the EPSS interpretation.
Affected products
- Goahead_software Goahead_webserver — versions 2.1.1, 2.1.2, 2.1.3
- Montavista_software Hard_hat_linux — versions 1.0
- Orange_software Orange_web_server — versions 2.1
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (Vendor Advisory, mailing-list, x_refsource_VULNWATCH)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)