[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2001-0982Date: (C)2001-07-23   (M)2023-12-22


Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
OSVDB-1908
http://archives.neohapsis.com/archives/bugtraq/2001-07/0497.html
BID-3080
IY18152
ftp://ftp.tivoli.com/support/patches/patches_3.7.1/3.7.1-POL-0003/3.7.1-POL-0003.README
tivoli-secureway-dot-directory-traversal(6884)

CPE    4
cpe:/a:ibm:tivoli_secureway_policy_director:3.7.1
cpe:/a:ibm:tivoli_secureway_policy_director:3.0.1
cpe:/a:ibm:tivoli_secureway_policy_director:3.7
cpe:/a:ibm:tivoli_secureway_policy_director:3.6
...

© SecPod Technologies