Vulnerability Description
Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Secureway Policy Director | 3.0.1 |
References
- ftp://ftp.tivoli.com/support/patches/patches_3.7.1/3.7.1-POL-0003/3.7.1-POL-0003PatchVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0497.htmlPatchVendor Advisory
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY18152&apar=only
- http://www.osvdb.org/1908
- http://www.securityfocus.com/bid/3080PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6884
- ftp://ftp.tivoli.com/support/patches/patches_3.7.1/3.7.1-POL-0003/3.7.1-POL-0003PatchVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0497.htmlPatchVendor Advisory
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY18152&apar=only
- http://www.osvdb.org/1908
- http://www.securityfocus.com/bid/3080PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6884
FAQ
What is CVE-2001-0982?
CVE-2001-0982 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing ...
How severe is CVE-2001-0982?
CVE-2001-0982 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0982?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Secureway Policy Director.