CVE-2001-0205

AOLserver <= 3.2 - Directory Traversal via Modified Dot-Dot Attack

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0205. PoCs published by joetesta.

AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in AOLserver. The exploit involves crafting a URL with '.../' sequences to access files outside the web root directory.

Description

Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting "..." into the requested pathname, a modified .. (dot dot) attack.

Exploits (1)

exploitdb WRITEUP VERIFIED
by joetesta · textremotewindows
https://www.exploit-db.com/exploits/20614

This is a writeup describing a directory traversal vulnerability in AOLserver. The exploit involves crafting a URL with '.../' sequences to access files outside the web root directory.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: AOLserver
No auth needed
Prerequisites: Network access to the target AOLserver
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=98148759123258&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=98168216003867&w=2
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2343

Scores

EPSS 0.2361
EPSS Percentile 97.5%

Details

Status published
Products (1)
aol/aol_server 3.2
Published May 03, 2001
Tracked Since Feb 18, 2026