mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
307 lines
11 KiB
JSON
307 lines
11 KiB
JSON
{
|
|
"id": "CVE-2011-0751",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2011-03-16T22:55:04.153",
|
|
"lastModified": "2018-10-09T19:29:45.953",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de salto de directorio en nhttpd (tambi\u00e9n conocido como Nostromo webserver) anterior a v1.9.4, permite a atacantes remotos ejecutar programas o leer ficheros de su elecci\u00f3n al utilizar caracteres ..%2f (../ codificada) en una URI."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 7.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-22"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "1.9.3",
|
|
"matchCriteriaId": "1712FA1D-30AE-4CA2-BE43-82B221A76393"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B40BF39C-D220-43E6-B49F-DF0FEDD3C6C3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8C14A772-5501-4535-8F20-C03192944931"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C7CAACE9-0AE1-4193-AF1B-0AAC8D6BD92A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:0.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "89411B49-425D-45CD-A0BA-D1ECEADEFDFD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:0.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "511D6125-BB41-47DB-81BD-8677DF69E575"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:0.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AE62E8A6-86DA-46F7-8960-1A4227F10BB5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:0.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0BF01B03-BEF9-4D57-8D4C-86E63D865039"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:0.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FD82EF21-3560-42BA-9BBA-52ABDABDC306"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:0.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B6BC4221-C651-46B0-ABC6-C0DFB734AF53"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "97980A75-048E-48AA-A8F1-83CAD7A93633"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7253E0F8-A92E-4815-AB41-388CC5C0A8EA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E82CEB7C-184B-429D-8325-077DABA2AFF0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7CAB9758-5148-4911-B5CE-9BEA925A587F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "43ACA99C-E531-465E-B72D-56F261DBE507"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "95D887DB-D495-4092-9BCB-9970519FC1F5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.5.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "015AB944-7E98-41A2-9F30-8BA58B9123D5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "16D2B2A6-4E36-4E60-9A82-F83E2BA73458"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E344B7B6-6846-4584-B44D-8A856E50723F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D592BA5D-1384-4779-9184-8186D00861C0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "248EC586-B462-4954-B0FE-7D20E15D948E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E97E995D-E71B-4BE3-89B4-4D1B6F6C4A1A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E8F64C74-78A9-43AD-86A0-005F3AAACD60"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0AB4D9C9-7DB4-4149-999D-1CC8B986E673"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8D4B0FA9-16EB-404E-BEA2-D5E567B4D7E6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8DC050F8-EB80-4A49-8DC9-73A8D9D9A3B2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F04F7F2F-1510-4647-9E1F-4556B7B0E418"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.7.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "25503001-E6E7-4340-8D3A-891CF5F1EB7F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1C1043CB-BECA-4157-8369-01F48CFD0463"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "731F0A15-34A8-4E99-B0CC-9988F747960E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0FBEC218-FA8D-4442-A7D5-9C148996BCAC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9CB7A6FC-0D8E-4B6B-A7B9-73A86B37F434"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9EF4710-B396-4625-8044-2D1288C98C48"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8BDCA758-0E92-482E-A318-B7828591B191"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "39202018-5B6F-434D-BB05-5284D7FBAE9A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0C7AA722-C8DE-431C-9461-57BE60492E6E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7F2C6E2C-ADEB-4E61-8023-116D55A4A743"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.8.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B89D8FDC-3501-493F-BEEE-4CE2748F4D2E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "380E61CF-8159-4DD4-A90B-8342DFCFBDE6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.9.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "787968DD-0659-4FD4-AA2D-EBAAF936AEBF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nazgul:nostromo:1.9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C88C151B-F65C-48A8-9433-8DB88BF71A0D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://securityreason.com/securityalert/8140",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.nazgul.ch/dev_nostromo.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2011-001",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/517026/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/46880",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2011/0674",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66103",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |