CVE-2001-0454
published 2001-06-27CVE-2001-0454: Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request.
PriorityP426medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.43%
87.5th percentile
Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| whitsoft | slimserve | <= 1.1a | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
WhitSoft SlimServe HTTPd 1.0/1.1 - Directory Traversal
exploitdb·2001-03-04
CVE-2001-0454 WhitSoft SlimServe HTTPd 1.0/1.1 - Directory Traversal
WhitSoft SlimServe HTTPd 1.0/1.1 - Directory Traversal
---
source: https://www.securityfocus.com/bid/14132/info
SlimServe HTTP server is prone to directory traversal attacks due to improper sanitization of user input.
This type of attack allows a malicious user to read files that exist outside of the Web server root directory.
http://www.example.com/.../.../
Exploit-DB
WhitSoft SlimServe ftpd 1.0/2.0 - Directory Traversal
exploitdb·2001-02-28
CVE-2001-0454 WhitSoft SlimServe ftpd 1.0/2.0 - Directory Traversal
WhitSoft SlimServe ftpd 1.0/2.0 - Directory Traversal
---
source: https://www.securityfocus.com/bid/2452/info
SlimServ FTPd is a free ftp server distributed and maintained by WhitSoft Development. SlimServe FTPd is designed to offer ftp services to the Microsoft Windows platform.
A problem with the SlimSoft FTP daemon allows remote users to traverse directories outside of the ftp root. Due to the insufficient checking of input, it is possible for a user to escape the ftp root directory by using relative paths. By requesting a directory change of "..." (three dots), it is possible to gain access to the root directory of the partition the ftp server is running on, and potentially gain access to sensitive system files.
Therefore, it is possible for a remote malicious user to gain access
No writeups or analysis indexed.
2001-06-27
Published