Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0920. PoCs published by llmora.
AI-analyzed exploit summary The advisory describes a directory traversal vulnerability in BOA web server v0.94.8.2, allowing arbitrary file access via URL-encoded '../' sequences. It also highlights potential remote code execution if CGI support is enabled.
Description
Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."
Exploits (1)
The advisory describes a directory traversal vulnerability in BOA web server v0.94.8.2, allowing arbitrary file access via URL-encoded '../' sequences. It also highlights potential remote code execution if CGI support is enabled.