BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.
Max CVSS
5.0
EPSS Score
1.60%
Published
2001-06-27
Updated
2008-09-05
Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.
Max CVSS
5.0
EPSS Score
0.25%
Published
2001-06-27
Updated
2008-09-05
BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.
Max CVSS
7.5
EPSS Score
0.79%
Published
2003-03-31
Updated
2008-09-05
Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request.
Max CVSS
10.0
EPSS Score
2.06%
Published
2003-06-30
Updated
2016-10-18
Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header.
Max CVSS
5.0
EPSS Score
2.68%
Published
2003-12-31
Updated
2017-07-11
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!