Details of VAR-200108-0065

ID

VAR-200108-0065

CVE

CVE-2001-0555

TITLE

ScreamingMedia SITEware does not adequately validate user input thereby allowing arbitrary file disclosure via directory traversal

Trust: 0.8

sources: CERT/CC: VU#795707

DESCRIPTION

ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. Microsoft IIS Is URL If the redirect is valid, Code Red Service operation is affected by the worm (DoS) A condition may occur.Microsoft IIS Service disruption (DoS) It may be in a state. Due to the inproper handling of URL redirection in IIS 4.0, it is possible to cause a host to stop responding. This vulnerability is currently being exploited by the 'Code Red' worm. Upon the worm sending a request attempting to infect the target host, IIS 4.0 will inproperly handle the unusal length of the request and fail. A restart of the service is required in order to gain normal functionality. It should be noted that the 'Code Red' worm attempts to exploit a previously discovered vulnerability BID 2880. Due to a flaw in SiteWare Editor's Desk, it is possible for a user to gain read access of known files residing on a SiteWare host. This is accomplished by crafting a URL containing double dot '../' sequences along with the relative path to a known file

Trust: 2.88

sources: NVD: CVE-2001-0555 // CERT/CC: VU#795707 // JVNDB: JVNDB-2001-000128 // BID: 3191 // BID: 2869

AFFECTED PRODUCTS

vendor:	microsoft	model:	iis	scope:	eq	version:	4.0	Trust: 1.1
vendor:	screaming media	model:	siteware	scope:	lte	version:	3.1	Trust: 1.0
vendor:	screamingmedia	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	screaming media	model:	siteware	scope:	eq	version:	3.1	Trust: 0.6
vendor:	screaming	model:	media siteware	scope:	eq	version:	3.1	Trust: 0.3
vendor:	screaming	model:	media siteware	scope:	eq	version:	3.02	Trust: 0.3
vendor:	screaming	model:	media siteware	scope:	eq	version:	3.01	Trust: 0.3
vendor:	screaming	model:	media siteware	scope:	eq	version:	3.0	Trust: 0.3
vendor:	screaming	model:	media siteware	scope:	eq	version:	2.501	Trust: 0.3
vendor:	screaming	model:	media siteware	scope:	eq	version:	2.5	Trust: 0.3
vendor:	screaming	model:	media siteware	scope:	ne	version:	3.1.1	Trust: 0.3
vendor:	screaming	model:	media siteware	scope:	ne	version:	2.5.1	Trust: 0.3

sources: CERT/CC: VU#795707 // BID: 3191 // BID: 2869 // JVNDB: JVNDB-2001-000128 // CNNVD: CNNVD-200108-083 // NVD: CVE-2001-0555

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2001-0555
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#795707
value:	37.80
Trust: 0.8
NVD:	CVE-2001-0555
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200108-083
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2001-0555
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

sources: CERT/CC: VU#795707 // JVNDB: JVNDB-2001-000128 // CNNVD: CNNVD-200108-083 // NVD: CVE-2001-0555

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-0555

THREAT TYPE

network

Trust: 0.6

sources: BID: 3191 // BID: 2869

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200108-083

CONFIGURATIONS

sources: JVNDB: JVNDB-2001-000128

PATCH

title:	MS01-044	url:	http://www.microsoft.com/technet/security/bulletin/MS01-044.mspx	Trust: 0.8
title:	MS01-044	url:	http://www.microsoft.com/japan/technet/security/bulletin/MS01-044.mspx	Trust: 0.8

sources: JVNDB: JVNDB-2001-000128

EXTERNAL IDS

db:	BID	id:	2869	Trust: 2.7
db:	CERT/CC	id:	VU#795707	Trust: 2.4
db:	NVD	id:	CVE-2001-0555	Trust: 2.4
db:	OSVDB	id:	13887	Trust: 1.6
db:	BID	id:	3191	Trust: 1.1
db:	JVNDB	id:	JVNDB-2001-000128	Trust: 0.8
db:	BUGTRAQ	id:	20010613 SCREAMINGMEDIA SITEWARE SOURCE CODE DISCLOSURE VULNERABILITY	Trust: 0.6
db:	BUGTRAQ	id:	20010613 SCREAMINGMEDIA SITEWARE ARBITRARY FILE RETRIEVAL VULNERABILITY	Trust: 0.6
db:	XF	id:	6689	Trust: 0.6
db:	CNNVD	id:	CNNVD-200108-083	Trust: 0.6

sources: CERT/CC: VU#795707 // BID: 3191 // BID: 2869 // JVNDB: JVNDB-2001-000128 // CNNVD: CNNVD-200108-083 // NVD: CVE-2001-0555

REFERENCES

url:	http://www.securityfocus.com/bid/2869	Trust: 2.4
url:	http://www01.screamingmedia.com/en/security/sms1001.php	Trust: 1.9
url:	http://www.kb.cert.org/vuls/id/795707	Trust: 1.6
url:	http://www.osvdb.org/13887	Trust: 1.6
url:	http://archives.neohapsis.com/archives/bugtraq/2001-06/0166.html	Trust: 1.6
url:	http://archives.neohapsis.com/archives/bugtraq/2001-06/0165.html	Trust: 1.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/6689	Trust: 1.0
url:	http://www.screamingmedia.com/security/sms1001.php	Trust: 0.8
url:	http://www.foundstone.com/cgi-bin/display.cgi?content_id=326	Trust: 0.8
url:	http://www01.screamingmedia.com/en/technology_services/syndication_connect/faq.php	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0555	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0555	Trust: 0.8
url:	http://www.securityfocus.com/bid/3191	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/6689	Trust: 0.6
url:	http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/topics/codealrt.asp	Trust: 0.3
url:	http://www.cert.org/incident_notes/in-2001-10.html	Trust: 0.3
url:	http://www.microsoft.com/technet/security/bulletin/ms01-033.asp	Trust: 0.3
url:	http://www.microsoft.com/technet/security/bulletin/ms01-044.asp	Trust: 0.3
url:	http://www.microsoft.com/technet/security	Trust: 0.3
url:	http://www.securityfocus.com/vdb/bottom.html?vid=2880	Trust: 0.3
url:	http://www.screamingmedia.com/	Trust: 0.3

sources: CERT/CC: VU#795707 // BID: 3191 // BID: 2869 // JVNDB: JVNDB-2001-000128 // CNNVD: CNNVD-200108-083 // NVD: CVE-2001-0555

CREDITS

Discovered by Mike Shema (mike.shema@foundstone.com) on June 11, 2001 and posted to Bugtraq on June 13, 2001.

Trust: 0.9

sources: BID: 2869 // CNNVD: CNNVD-200108-083

SOURCES

db:	CERT/CC	id:	VU#795707
db:	BID	id:	3191
db:	BID	id:	2869
db:	JVNDB	id:	JVNDB-2001-000128
db:	CNNVD	id:	CNNVD-200108-083
db:	NVD	id:	CVE-2001-0555

LAST UPDATE DATE

2024-08-14T13:40:44.751000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#795707	date:	2002-12-16T00:00:00
db:	BID	id:	3191	date:	2001-08-16T00:00:00
db:	BID	id:	2869	date:	2001-06-11T00:00:00
db:	JVNDB	id:	JVNDB-2001-000128	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200108-083	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2001-0555	date:	2017-07-11T01:29:04.493

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#795707	date:	2001-06-22T00:00:00
db:	BID	id:	3191	date:	2001-08-16T00:00:00
db:	BID	id:	2869	date:	2001-06-11T00:00:00
db:	JVNDB	id:	JVNDB-2001-000128	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200108-083	date:	2001-08-14T00:00:00
db:	NVD	id:	CVE-2001-0555	date:	2001-08-14T04:00:00