CVE-2001-0452

BRS WebWeaver FTP <0.64 Beta - Info Disclosure

Title source: llm
STIX 2.1

Description

BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.

Exploits (1)

exploitdb WORKING POC VERIFIED
by joetesta · textremotewindows
https://www.exploit-db.com/exploits/20819

References (3)

Core 3
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2676
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/180506

Scores

EPSS 0.0525
EPSS Percentile 90.0%

Details

Status published
Products (7)
brs/webweaver 0.49_beta
brs/webweaver 0.50_beta
brs/webweaver 0.51_beta
brs/webweaver 0.52_beta
brs/webweaver 0.60_beta
brs/webweaver 0.61_beta
brs/webweaver 0.62_beta
Published Jun 27, 2001
Tracked Since Feb 18, 2026