Description
Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Tamer Sahin · textremotewindows
https://www.exploit-db.com/exploits/21211
References (6)
Core 6
Core References
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0010.html
Mailing List mailing-list
x_refsource_ntbugtraq
http://marc.info/?l=ntbugtraq&m=101062823505486&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3838
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101062172226812&w=2
Patch mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/249734
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/7849.php
Scores
EPSS
0.0750
EPSS Percentile
91.8%
Details
Status
published
Products (7)
etype/eserv
2.92
etype/eserv
2.93
etype/eserv
2.94
etype/eserv
2.95
etype/eserv
2.95_beta2
etype/eserv
2.96
etype/eserv
2.97
Published
Mar 25, 2002
Tracked Since
Feb 18, 2026