CVE-2002-2375

CommuniGate Pro < 4.0b4 - Path Traversal via URL

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information.

References (2)

Core 2
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-07/0016.html
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9463.php

Scores

EPSS 0.0153
EPSS Percentile 71.7%

Details

CWE
CWE-22
Status published
Products (1)
stalker/communigate_pro < 4.0b4
Published Dec 31, 2002
Tracked Since Feb 18, 2026