CVE-2011-2474
Published 2011-06-09
Priority P275 · medium · 5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:N/A:N
ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 63.61% (99.1th percentile)
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sybase | easerver | — | — |
Detection & IOCs
- Detect HTTP requests containing the mixed-slash traversal sequence `/.\./../\..\/` in the URI path, which is the specific pattern used to exploit this vulnerability in Sybase EAServer 6.3.1.
- Monitor HTTP traffic on port 8000 targeting Sybase EAServer's embedded Jetty web server for directory traversal patterns.
- Code execution via this traversal is unlikely unless the EAServer web server is configured with WRITE permission; exploitation in default configurations is limited to arbitrary file read.
CVSS provenance
- nvd: v2.0, 5.0 MEDIUM, AV:N/AC:L/Au:N/C:P/I:N/A:N
- vulncheck: 5.0 MEDIUM
GHSA
GHSA-26p6-8m4j-3q9m: Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6
ghsa_unreviewed · 2022-05-17
CVE-2011-2474 [MEDIUM] CWE-22 GHSA-26p6-8m4j-3q9m: Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.
VulnCheck
sybase easerver Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulncheck · 2011 · CVSS 5.0
CVE-2011-2474 [MEDIUM] sybase easerver Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.
Affected: sybase easerver
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://blog.checkpoint.com/security/december-2021s-most-wanted-malware-trickbot-emotet-and-the-log4j-plague/; https://blog.checkpoint.com/security/april-2022s-most-wanted-malware-a-shake-up-in-the-index-but-emotet-is-still-on-top/; https://blog.checkpoint.com/security/april-2024s-most-wanted-malware-surge-in-a
No detection rules found.
No writeups or analysis indexed.