Vulnerability Description
UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bajie | Java Http Server | <= 0.79 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2001-02/0314.htmlExploitVendor Advisory
- http://www.geocities.com/gzhangx/websrv/docs/security.html
- http://www.securityfocus.com/bid/2388ExploitVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2001-02/0314.htmlExploitVendor Advisory
- http://www.geocities.com/gzhangx/websrv/docs/security.html
- http://www.securityfocus.com/bid/2388ExploitVendor Advisory
FAQ
What is CVE-2001-0308?
CVE-2001-0308 is a vulnerability with a CVSS score of 7.5 (HIGH). UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (m...
How severe is CVE-2001-0308?
CVE-2001-0308 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0308?
Check the references section above for vendor advisories and patch information. Affected products include: Bajie Java Http Server.