CVE

Id
756  
CVE No.
CVE-1999-0776  
Status
Candidate  
Description
Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.  
Phase
Proposed (19991214)  
Votes
ACCEPT(4) Frech, Levy, Ozancin, Stracener | MODIFY(1) Baker | NOOP(6) Armstrong, Blake, Cole, Landfield, LeBlanc, Wall | REVIEWING(1) Christey  
Comments
Christey> This candidate is unconfirmed by the vendor. | | Posted by Arne Vidstrom. | Blake> I"d like to change my vote on this from ACCEPT to NOOP. I did some | digging and the vendor seems to have discontinued the product, so no | information is available beyond Arne"s post. Unless Andre has a copy | in his archive and can test it, I think we have to leave it out. | Wall> I agree with Blake. We have not seen the product and it has been discontinued. | CHANGE> [Christey changed vote from NOOP to REVIEWING] | Christey> If this is (or was) tested by some tool, we should ACCEPT it. | Baker> http://www.securityfocus.com/bid/270 | Christey> BID:270 | URL:http://www.securityfocus.com/bid/270  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
1589 756 CVE-1999-0776 NTBUGTRAQ:19990506 ".."-hole in Alibaba 2.0  View
1590 756 CVE-1999-0776 URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9905&L=NTBUGTRAQ&P=R1533  View

Related JVN