CVE-2011-2474
published 2011-06-09

Priority: P275 · medium · 5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Tags: ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 63.61% (99.1th percentile)

Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.

Affected

1 range

Vendor | Product  | Version range | Fixed in
sybase | easerver |               |

Detection & IOCs (extracted from sources)

url: /.\./../\..\/
port: 8000
  • Detect HTTP requests containing the mixed-slash traversal sequence '/.\./../\..\/' in the URI path, which is the specific pattern used to exploit this vulnerability in Sybase EAServer 6.3.1.
  • Monitor HTTP traffic on port 8000 targeting Sybase EAServer's embedded Jetty web server for directory traversal patterns.
  • Code execution via this traversal is unlikely unless the EAServer web server is configured with WRITE permission; exploitation in default configurations is limited to arbitrary file read.

CVSS provenance

Source    | Version | Score | Severity | Vector
nvd       | v2.0    | 5.0   | MEDIUM   | AV:N/AC:L/Au:N/C:P/I:N/A:N
vulncheck |         | 5.0   | MEDIUM   |