CVE-2001-0615

Faust Informatics Freestyle Chat < 4.1 - Directory Traversal via Dot-Dot Attack

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0615. PoCs published by nemesystm.

AI-analyzed exploit summary The provided text describes a directory traversal vulnerability in Freestyle Chat server, allowing remote users to access files outside the webserver directory. It includes an example URL demonstrating the attack but lacks executable code.

Description

Directory traversal vulnerability in Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to read arbitrary files via a specially crafted URL which includes variations of a '..' (dot dot) attack such as '...' or '....'.

Exploits (1)

exploitdb WRITEUP VERIFIED
by nemesystm · textremotemultiple
https://www.exploit-db.com/exploits/20882

The provided text describes a directory traversal vulnerability in Freestyle Chat server, allowing remote users to access files outside the webserver directory. It includes an example URL demonstrating the attack but lacks executable code.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Freestyle Chat server from Faust Informatics
No auth needed
Prerequisites: Network access to the vulnerable server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6601
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/1841
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-05/0241.html
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2776

Scores

EPSS 0.0367
EPSS Percentile 88.2%

Details

Status published
Products (1)
faust_informatics/freestyle_chat < 4.1
Published Aug 14, 2001
Tracked Since Feb 18, 2026