MidnightBSD

Advisories for brs

CVE-2001-0452 MEDIUM

BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
brs webweaver 0.50_beta
brs webweaver 0.62_beta
brs webweaver 0.60_beta
brs webweaver 0.61_beta
brs webweaver 0.49_beta
brs webweaver 0.52_beta
brs webweaver 0.51_beta
CVE-2001-0453 MEDIUM

Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
brs webweaver 0.50_beta
brs webweaver 0.62_beta
brs webweaver 0.60_beta
brs webweaver 0.61_beta
brs webweaver 0.49_beta
brs webweaver 0.52_beta
brs webweaver 0.51_beta
CVE-2002-1546 HIGH

BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
brs webweaver 1.0.1
CVE-2003-0409 HIGH

Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
brs webweaver 1.0.4
CVE-2003-1165 MEDIUM

Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
brs webweaver 1.0.3
brs webweaver 1.0.4
brs webweaver 0.61_beta
brs webweaver 0.52_beta
brs webweaver 0.51_beta
brs webweaver 0.50_beta
brs webweaver 1.0.5
brs webweaver 0.62_beta
brs webweaver 1.0.6
brs webweaver 0.60_beta
brs webweaver 1.0.1
brs webweaver 1.0.2
brs webweaver 0.63_beta
brs webweaver 0.49_beta