Brs: >> Webweaver >> 0.60_beta Security Vulnerabilities
Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header.
CVSS Score
5.0
EPSS Score
0.082
Published
2003-12-31
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.
CVSS Score
5.0
EPSS Score
0.034
Published
2001-06-27
Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.
CVSS Score
5.0
EPSS Score
0.009
Published
2001-06-27