var-200212-0467
Vulnerability from variot

Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot).

------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that it includes content beyond what the title covers. ------------

Microsoft IIS 5.0 has a problem that discloses the source of files. IIS 5.0 contains sample files for demonstration purposes. These sample files have extensions such as .asp, .inc, .htm and .html, and exist under the web root directory. One of the sample programs used by the IIS 5.0 Internet Service Manager is a file called codebrws.asp. codebrws.asp has a flaw in its handling of Unicode characters in the URL, so an attacker may be able to use this file to obtain the source of files that exist under the web root directory. The source that can be obtained is limited to files with the .html, .htm, .asp and .inc extensions. In the default IIS 5.0 configuration, codebrws.asp cannot be accessed remotely, so only local attacks will succeed unless the setting is changed intentionally. Please refer to the “Overview” for the impact of this vulnerability.

This script (CodeBrws.asp) does not adequately filter Unicode representations of directory traversals. For example, an attacker can break out of the sample script directory by substituting '%c0%ae%c0%ae' for '..' in a dot-dot-slash directory traversal attack.

It has been demonstrated that this issue may be exploited to map out the directory structure of the filesystem on a host running the vulnerable script. This may allow an attacker to view, for example, .aspx files used by the .NET architecture.

If used in conjunction with the issues discussed in BID 4525, this may expose files outside of the sample script directory.



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200212-0467",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "internet information services",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": "internet information server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "5.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "4525"
      },
      {
        "db": "BID",
        "id": "4543"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-845"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1744"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:microsoft:iis",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "H D Moore\u203b hdm@metasploit.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-845"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2002-1744",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2002-1744",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2002-1744",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2002-1744",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200212-845",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-845"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1744"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded \"%c0%ae%c0%ae\" string, which is the Unicode representation for \"..\" (dot dot). ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Microsoft IIS 5.0 There is a problem with disclosing the source of a file. Microsoft IIS 5.0 Contains sample files for demonstration purposes. These demonstration sample files are .asp , .inc , .htm , .html Etc. and exist under the web root directory. IIS 5.0 of Internet Service Manager One of the sample programs used by codebrws.asp There is a file called. codebrws.asp There is a flaw in the handling of Unicode characters in the URL, so using this file may allow an attacker to obtain the source of the file that exists under the web root directory. You can get the source .html , .htm , .asp , .inc Limited to files with the above extensions. Default setting IIS 5.0 So remotely codebrws.asp Since it is not possible to access, only local attacks will succeed unless the setting is changed intentionally.Please refer to the \u201cOverview\u201d for the impact of this vulnerability.  However, this script (CodeBrws.asp) does not adequately filter unicode representations of directory traversals. For example, an attacker can break out of the sample script directory by substituting \u0027%c0%ae%c0%ae\u0027 for \u0027..\u0027 in a dot-dot-slash directory traversal attack. \nIt has been demonstrated that this issue may be exploited to map out the directory structure of the filesystem on a host running the vulnerable script. This may allow an attacker to view, for example, .aspx files used by the .NET architecture. \nIf used in conjunction with the issues discussed in BID 4525, this may expose files outside of the sample script directory",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-1744"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      },
      {
        "db": "BID",
        "id": "4525"
      },
      {
        "db": "BID",
        "id": "4543"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "4525",
        "trust": 3.0
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1744",
        "trust": 2.4
      },
      {
        "db": "BID",
        "id": "4543",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "8853",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "2598",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-845",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "4525"
      },
      {
        "db": "BID",
        "id": "4543"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-845"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1744"
      }
    ]
  },
  "id": "VAR-200212-0467",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2024-11-22T23:12:09.475000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.microsoft.com/ja/jp/default.aspx"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-1744"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "http://www.securityfocus.com/bid/4525"
      },
      {
        "trust": 2.0,
        "url": "http://online.securityfocus.com/archive/1/267945"
      },
      {
        "trust": 2.0,
        "url": "http://online.securityfocus.com/archive/1/268065"
      },
      {
        "trust": 2.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8853"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1744"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1744"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/4543"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/8853"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/2598"
      },
      {
        "trust": 0.3,
        "url": "http://online.securityfocus.com/bid/4525"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "4543"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-845"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1744"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "4525"
      },
      {
        "db": "BID",
        "id": "4543"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-845"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1744"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2002-04-16T00:00:00",
        "db": "BID",
        "id": "4525"
      },
      {
        "date": "2002-04-18T00:00:00",
        "db": "BID",
        "id": "4543"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      },
      {
        "date": "2002-04-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200212-845"
      },
      {
        "date": "2002-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2002-1744"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2002-04-16T00:00:00",
        "db": "BID",
        "id": "4525"
      },
      {
        "date": "2002-04-18T00:00:00",
        "db": "BID",
        "id": "4543"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      },
      {
        "date": "2005-10-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200212-845"
      },
      {
        "date": "2024-11-20T23:42:00.783000",
        "db": "NVD",
        "id": "CVE-2002-1744"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "4525"
      },
      {
        "db": "BID",
        "id": "4543"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft IIS of  CodeBrws.asp Vulnerable to directory traversal",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000094"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input Validation Error",
    "sources": [
      {
        "db": "BID",
        "id": "4525"
      },
      {
        "db": "BID",
        "id": "4543"
      }
    ],
    "trust": 0.6
  }
}

