CGI Script Center Auction Weaver Username / Bidfile Directory Traversal Vulnerability

Bugtraq ID: 1783
Class: Access Validation Error
CVE:
Remote: Yes
Local: Yes
Published: Oct 12 2000 12:00AM
Updated: Oct 12 2000 12:00AM
Credit: Discovered by Steve Christey <coley@mitre.org> on October 12, 2000.
Vulnerable: CGI Script Center Auction Weaver 1.0 4
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
 - Redhat Linux 6.2 sparc
 - Redhat Linux 6.2 i386
 - Redhat Linux 6.2 alpha
 - Sun Solaris 8_sparc
 - Sun Solaris 7.0
 CGI Script Center Auction Weaver 1.0 3
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
 - Redhat Linux 6.2 sparc
 - Redhat Linux 6.2 i386
 - Redhat Linux 6.2 alpha
 - Sun Solaris 8_sparc
 - Sun Solaris 7.0
 CGI Script Center Auction Weaver 1.0 2
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
 - Redhat Linux 6.2 sparc
 - Redhat Linux 6.2 i386
 - Redhat Linux 6.2 alpha
 - Sun Solaris 8_sparc
 - Sun Solaris 7.0
 CGI Script Center Auction Weaver 1.0 1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
 - Redhat Linux 6.2 sparc
 - Redhat Linux 6.2 i386
 - Redhat Linux 6.2 alpha
 - Sun Solaris 8_sparc
 - Sun Solaris 7.0
 CGI Script Center Auction Weaver 1.0
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
 - Redhat Linux 6.2 sparc
 - Redhat Linux 6.2 i386
 - Redhat Linux 6.2 alpha
 - Sun Solaris 8_sparc
 - Sun Solaris 7.0
Not Vulnerable: CGI Script Center Auction Weaver 1.0 5
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
 - Redhat Linux 6.2 sparc
 - Redhat Linux 6.2 i386
 - Redhat Linux 6.2 alpha
 - Sun Solaris 8_sparc
 - Sun Solaris 7.0


 

Privacy Statement
Copyright 2010, SecurityFocus