Vulnerability Description
ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Working Resources Inc. | Badblue | 1.2.7 |
References
- http://marc.info/?l=bugtraq&m=98263019502565&w=2
- http://www.badblue.com/p010219.htm
- http://www.securityfocus.com/bid/2390ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6130
- http://marc.info/?l=bugtraq&m=98263019502565&w=2
- http://www.badblue.com/p010219.htm
- http://www.securityfocus.com/bid/2390ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6130
FAQ
What is CVE-2001-0276?
CVE-2001-0276 is a vulnerability with a CVSS score of 6.4 (MEDIUM). ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error m...
How severe is CVE-2001-0276?
CVE-2001-0276 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0276?
Check the references section above for vendor advisories and patch information. Affected products include: Working Resources Inc. Badblue.