Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| computer_software_manufaktur | alibaba | 2.0 |
Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| computer_software_manufaktur | alibaba | 2.0 |
Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a denial of service (crash) via a long string to the FTP port.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| computer_software_manufaktur | csm_proxy | 4.1 |
genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in cleartext.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| computer_software_manufaktur | alibaba | 2.0 |
Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a long GET request.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| computer_software_manufaktur | alibaba | 2.0 |