CVE-2002-1864
published 2002-12-31CVE-2002-1864: Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an…
PriorityP432medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
17.77%
96.8th percentile
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sws | sws_simple_web_server | — | — |
| sws | sws_simple_web_server | — | — |
| sws | sws_simple_web_server | — | — |
| sws | sws_simple_web_server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect HTTP requests containing ".." (dot dot) sequences in the URI path targeting Simple Web Server (SWS) versions 0.0.4 through 0.1.0, indicative of directory traversal attempts. ↗
- →A Metasploit auxiliary scanner module exists for this vulnerability targeting Simple Web Server 2.3-RC1; presence of this module's traffic patterns (directory traversal HTTP GET requests) should be monitored. ↗
- ·The NVD entry references versions 0.0.4 through 0.1.0, while the Metasploit module targets version 2.3-RC1, indicating the vulnerability may span a broader version range than originally documented. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-09/0047.htmlhttp://www.iss.net/security_center/static/10070.phphttp://www.securityfocus.com/bid/5662http://archives.neohapsis.com/archives/bugtraq/2002-09/0047.htmlhttp://www.iss.net/security_center/static/10070.phphttp://www.securityfocus.com/bid/5662
2002-12-31
Published