CVE-2002-0124 - OpenCVE

MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mdg Computer Services	Web Server 4d Ecommerce

Configuration 1 [-]

cpe:2.3:a:mdg_computer_services:web_server_4d_ecommerce:3.5.3:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://online.securityfocus.com/archive/1/250231
http://www.iss.net/security_center/static/7878.php
http://www.securityfocus.com/bid/3872

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-03-15T05:00:00

Updated: 2024-08-08T02:35:17.573Z

Reserved: 2002-03-15T00:00:00

Link: CVE-2002-0124

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2002-03-25T05:00:00.000

Modified: 2008-09-11T00:00:33.087

Link: CVE-2002-0124

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-01-14T00:00:00", "descriptions": [{"lang": "en", "value": "MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-03-22T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ws4d-dot-directory-traversal(7878)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/7878.php"}, {"name": "3872", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3872"}, {"name": "20020114 Web Server 4D/eCommerce 3.5.3 Directory Traversal Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://online.securityfocus.com/archive/1/250231"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0124", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ws4d-dot-directory-traversal(7878)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7878.php"}, {"name": "3872", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3872"}, {"name": "20020114 Web Server 4D/eCommerce 3.5.3 Directory Traversal Vulnerability", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/250231"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:35:17.573Z"}, "title": "CVE Program Container", "references": [{"name": "ws4d-dot-directory-traversal(7878)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/7878.php"}, {"name": "3872", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/3872"}, {"name": "20020114 Web Server 4D/eCommerce 3.5.3 Directory Traversal Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://online.securityfocus.com/archive/1/250231"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0124", "datePublished": "2002-03-15T05:00:00", "dateReserved": "2002-03-15T00:00:00", "dateUpdated": "2024-08-08T02:35:17.573Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}