joetesta

15 exploits Active since May 2001
CVE-2001-0454 EXPLOITDB text WRITEUP
SlimServe < 1.1a - Directory Traversal via Modified Dot-Dot in HTTP Request
Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request.
CVE-2001-0206 EXPLOITDB text WRITEUP
Soft Lite ServerWorx 3.00 - Directory Traversal via HTTP GET Pathname
Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET request.
CVE-2001-0467 EXPLOITDB text WRITEUP
RobTex Viking Web Server < 1.0.7 - Directory Traversal via Modified Dot-Dot in HTTP URL
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request.
CVE-2001-0491 EXPLOITDB text WORKING POC
RaidenFTPD Server 2.1 - Directory Traversal via Dot Dot Attacks
Directory traversal vulnerability in RaidenFTPD Server 2.1 before build 952 allows attackers to access files outside the ftp root via dot dot attacks, such as (1) .... in CWD, (2) .. in NLST, or (3) ... in NLST.
CVE-2001-0202 EXPLOITDB text WRITEUP
informs picserver - Unauthenticated Arbitrary File Read via Dot-Dot Path Traversal
Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request.
CVE-2001-0452 EXPLOITDB text WORKING POC
BRS WebWeaver FTP <0.64 Beta - Info Disclosure
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.
CVE-2001-0205 EXPLOITDB text WRITEUP
AOLserver <= 3.2 - Directory Traversal via Modified Dot-Dot Attack
Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting "..." into the requested pathname, a modified .. (dot dot) attack.
CVE-2001-0293 EXPLOITDB text WORKING POC
FtpXQ 2.0.93 - Directory Traversal via GET Command
Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a .. (dot dot) in the GET command.
CVE-2001-0171 EXPLOITDB text WORKING POC
SlimServe HTTPd 1.0 - Buffer Overflow via Long GET Request
Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request.
CVE-2001-0302 EXPLOITDB text WRITEUP
Pi3Web 1.0.1 - Buffer Overflow via Long URL
Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL.
CVE-2001-0495 EXPLOITDB text WRITEUP
DataWizard WebXQ 1.204 - Directory Traversal via Dot-Dot Attack
Directory traversal in DataWizard WebXQ server 1.204 allows remote attackers to view files outside of the web root via a .. (dot dot) attack.
CVE-2001-0307 EXPLOITDB text WORKING POC
Bajie HTTP JServer < 0.80 - Remote Code Execution via Shell Metacharacters in CGI Request
Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist.
CVE-2001-0304 EXPLOITDB text WORKING POC
Resin 1.2.2 - Directory Traversal via Dot Dot in URL Request
Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request.
CVE-2001-0308 EXPLOITDB text WRITEUP
Bajie java_http_server < 0.79 - Remote Code Execution via UploadServlet
UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.
CVE-2001-0630 EXPLOITDB text WRITEUP
MIMAnet source_viewer 2.0 - Directory Traversal via loc Variable
Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the 'loc' variable.