Vulnerability Description
Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files via an HTTP request containing URL-encoded .. sequences ("%5c%2e%2e"), a different vulnerability than CVE-2003-0474.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ashley Brown | Iweb Server | All versions |
References
- http://marc.info/?l=bugtraq&m=105640001823769&w=2
- http://marc.info/?l=bugtraq&m=105673543626636&w=2
- http://marc.info/?l=bugtraq&m=105640001823769&w=2
- http://marc.info/?l=bugtraq&m=105673543626636&w=2
FAQ
What is CVE-2003-0475?
CVE-2003-0475 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files via an HTTP request containing URL-encoded .. sequences ("%5c%2e%2e"), a different vulnerability than...
How severe is CVE-2003-0475?
CVE-2003-0475 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0475?
Check the references section above for vendor advisories and patch information. Affected products include: Ashley Brown Iweb Server.