Description
Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier allows remote attackers to execute arbitrary programs via encoded ../ ("%2E%2E%2F%") sequences in a request to the cgi-bin/ directory, a different vulnerability than CVE-2000-0664.
Affected products
- analogx / simpleserver_www1.13
- analogx / simpleserver_www1.0.8 – 1.0.8
- analogx / simpleserver_www1.01 – 1.01
- analogx / simpleserver_www1.03 – 1.03
- analogx / simpleserver_www1.04 – 1.04
- analogx / simpleserver_www1.05 – 1.05
- analogx / simpleserver_www1.06 – 1.06