Vulnerability Details CVE-2001-0308
UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.079
EPSS Ranking 91.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2001-02/0314.html
- http://www.geocities.com/gzhangx/websrv/docs/security.html
- http://www.securityfocus.com/bid/2388
- http://archives.neohapsis.com/archives/bugtraq/2001-02/0314.html
- http://www.geocities.com/gzhangx/websrv/docs/security.html
- http://www.securityfocus.com/bid/2388
Products affected by CVE-2001-0308
-
cpe:2.3:a:bajie:java_http_server:*