5

CVE-2002-1581

Exploit
Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mailreader.ComMailreader.Com Version2.3.20
Mailreader.ComMailreader.Com Version2.3.21
Mailreader.ComMailreader.Com Version2.3.22
Mailreader.ComMailreader.Com Version2.3.23
Mailreader.ComMailreader.Com Version2.3.24
Mailreader.ComMailreader.Com Version2.3.25
Mailreader.ComMailreader.Com Version2.3.26
Mailreader.ComMailreader.Com Version2.3.27
Mailreader.ComMailreader.Com Version2.3.28
Mailreader.ComMailreader.Com Version2.3.29
Mailreader.ComMailreader.Com Version2.3.30
Mailreader.ComMailreader.Com Version2.3.31
DebianDebian Linux Version3.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.64% 0.938
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://mailreader.com/download/ChangeLog
http://www.debian.org/security/2004/dsa-534
Patch
Vendor Advisory
http://www.iss.net/security_center/static/10490.php
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/297428
Patch
Vendor Advisory
Exploit
http://www.securityfocus.com/bid/6055
Patch
Vendor Advisory
Exploit