BRS : Security Vulnerabilities, CVEs,
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.
Max CVSS
5.0
EPSS Score
1.60%
Published
2001-06-27
Updated
2008-09-05
Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.
Max CVSS
5.0
EPSS Score
0.25%
Published
2001-06-27
Updated
2008-09-05
BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.
Max CVSS
7.5
EPSS Score
0.79%
Published
2003-03-31
Updated
2008-09-05
Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request.
Max CVSS
10.0
EPSS Score
2.06%
Published
2003-06-30
Updated
2016-10-18
Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header.
Max CVSS
5.0
EPSS Score
2.68%
Published
2003-12-31
Updated
2017-07-11
5 vulnerabilities found