CVE-2000-1005
Published 2000-12-11
CVE-2000-1005: Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via…
Priority P4 | 25 | medium | 5 | CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 3.67% (88.3th percentile)
Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| extropia | extropia_webstore | — | — |
| extropia | extropia_webstore | — | — |
No detection rules found.
Exploit-DB
extropia webstore 1.0/2.0 - Directory Traversal
exploitdb·2000-10-09
CVE-2000-1005 extropia webstore 1.0/2.0 - Directory Traversal
---
source: https://www.securityfocus.com/bid/1774/info
Extropia WebStore is an e-commerce shopping cart application consisting of routines for error handling, order processing, encrypted mailing, frames, Javascript and VBscript.
The routine web_store.cgi does not properly handle the $file_extension variable if null characters are used.
For example, if the following URL was requested, the file in question would not be delivered to the user:
http://target/cgi-bin/Web_Store/web_store.cgi?page=../../../path/filename.ext
However, by using the escaped character "%00", the requested file would be accessed successfully:
http://target/cgi-bin/Web_Store/web_store.cgi?page=../../../path/filename%00ext
Successful exploitation could lead to a rem
Exploit-DB
RedHat Linux 6.0 - Single User Mode Authentication
exploitdb·2000-02-23
CVE-2000-0219 RedHat Linux 6.0 - Single User Mode Authentication
---
source: https://www.securityfocus.com/bid/1005/info
A vulnerability exists in the manner in which RedHat Linux 6.0 protects the obtaining of a shell by booting single user mode. RedHat will prompt for the root password upon entering single user mode. Pressing ^C (causing a SIGINT to be sent) immediately results in a root shell being made available.
boot single user from lilo, and press ^C (control-C)
No writeups or analysis indexed.
2000-12-11
Published