← back
CVE-2004-2617

CVE-2004-2617

EPSS 3.8%
Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. (dot dot) directly after the initial '/' (slash) in the URI.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/23802unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2004-03/0109.htmlhttp://archives.neohapsis.com/archives/bugtraq/2004-03/0136.htmlhttp://secunia.com/advisories/11122https://exchange.xforce.ibmcloud.com/vulnerabilities/15435http://sourceforge.net/forum/forum.php?forum_id=359660http://www.autistici.org/fdonato/advisory/pws0.2.2-adv.txthttp://www.osvdb.org/4254http://www.securityfocus.com/bid/9847