CVE-2004-2116

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-2116
Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. (dot dot) in the URL.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://marc.info/?l=bugtraq&m=107496530806730&w=2
http://packetstormsecurity.com/files/129320/Tiny-Server-1.1.9-Arbitrary-File-Disclosure.html
http://secunia.com/advisories/10707
http://www.autistici.org/fdonato/advisory/tinyServer1.1%5B1.0.5%5D-adv.txt
http://www.osvdb.org/3708
http://www.securityfocus.com/bid/9485 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/14927
https://exchange.xforce.ibmcloud.com/vulnerabilities/99048
http://marc.info/?l=bugtraq&m=107496530806730&w=2
http://packetstormsecurity.com/files/129320/Tiny-Server-1.1.9-Arbitrary-File-Disclosure.html
http://secunia.com/advisories/10707
http://www.autistici.org/fdonato/advisory/tinyServer1.1%5B1.0.5%5D-adv.txt
http://www.osvdb.org/3708
http://www.securityfocus.com/bid/9485 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/14927
https://exchange.xforce.ibmcloud.com/vulnerabilities/99048
Configurations

Configuration 1 (hide)

cpe:2.3:a:tinyserver:tinyserver:1.1:*:*:*:*:*:*:*
History

20 Nov 2024, 23:52

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=107496530806730&w=2 - () http://marc.info/?l=bugtraq&m=107496530806730&w=2 -
References () http://packetstormsecurity.com/files/129320/Tiny-Server-1.1.9-Arbitrary-File-Disclosure.html - () http://packetstormsecurity.com/files/129320/Tiny-Server-1.1.9-Arbitrary-File-Disclosure.html -
References () http://secunia.com/advisories/10707 - () http://secunia.com/advisories/10707 -
References () http://www.autistici.org/fdonato/advisory/tinyServer1.1%5B1.0.5%5D-adv.txt - () http://www.autistici.org/fdonato/advisory/tinyServer1.1%5B1.0.5%5D-adv.txt -
References () http://www.osvdb.org/3708 - () http://www.osvdb.org/3708 -
References () http://www.securityfocus.com/bid/9485 - Exploit () http://www.securityfocus.com/bid/9485 - Exploit
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/14927 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/14927 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/99048 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/99048 -
Information

Published : 2004-12-31 05:00

Updated : 2024-11-20 23:52

NVD link : CVE-2004-2116

Mitre link : CVE-2004-2116

CVE.ORG link : CVE-2004-2116

JSON object : View

Products Affected

tinyserver

  • tinyserver
CWE
NVD-CWE-Other