← voltar
CVE-2001-1152

CVE-2001-1152

EPSS 2.4%
Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to unauthorized web servers by modifying the requested URL, including (1) a // (double slash), (2) a /SUBDIR/.. where the desired file is in the parentdir, (3) a /./, or (4) URL-encoded characters.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://www.mimesweeper.com/support/technotes/notes/1043.asphttp://www.securityfocus.com/archive/1/212283http://www.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3296