CVE-2000-0149
published 2000-02-08CVE-2000-0149: Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL.
PriorityP424medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
7.38%
93.6th percentile
Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
| zeus_technologies | zeus_web_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Windows Script Host 5.1/5.5 - 'GetObject()' File Disclosure
exploitdb·2000-09-26
CVE-2001-0149 Microsoft Windows Script Host 5.1/5.5 - 'GetObject()' File Disclosure
Microsoft Windows Script Host 5.1/5.5 - 'GetObject()' File Disclosure
---
source: https://www.securityfocus.com/bid/1718/info
It is possible for an outside attacker to view known files on a remote system if the target user visits a website or opens an email containing a specially formed script containing the JScript function 'GetObject()' and the ActiveX object 'htmlfile'. Microsoft Internet Explorer or Outlook Express will grant full access to the DOM of a HTML document object if the following code is inserted into HTML formatted document (the 'I" in SCRIPT has been replaced with a "!"):
alert("Alert Message");
a=GetObject("c:\\path\filename.ext","htmlfile");
setTimeout("alert(a.body.innerText);",2000);
A malicious website operator may be able to view any known file on a remote sy
Exploit-DB
Zeus Web Server 3.x - Null Terminated Strings
exploitdb·2000-02-08
CVE-2000-0149 Zeus Web Server 3.x - Null Terminated Strings
Zeus Web Server 3.x - Null Terminated Strings
---
source: https://www.securityfocus.com/bid/977/info
Appending "%00" to the end of a CGI script filename will permit a remote client to view full contents of the script if the CGI module option "allow CGIs anywhere" is enabled. Scripts located in directories which are designated as executable (eg. \cgi-bin) are not vulnerable to this exploit.
http ://target/script.cgi%00
"%00" may be replaced with "%G0", "%W0", "%EW", "%FG", "%UW", or "%VG" in order to achieve the same results.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2000-02/0057.htmlhttp://www.osvdb.org/254http://www.securityfocus.com/bid/977https://exchange.xforce.ibmcloud.com/vulnerabilities/3982http://archives.neohapsis.com/archives/bugtraq/2000-02/0057.htmlhttp://www.osvdb.org/254http://www.securityfocus.com/bid/977https://exchange.xforce.ibmcloud.com/vulnerabilities/3982
2000-02-08
Published