MidnightBSD

Advisories for summit_computer_networks

CVE-2002-0304 MEDIUM

Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
summit_computer_networks lil_http_server 2.1
CVE-2002-1008 HIGH

Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
summit_computer_networks lil_http_server 2.2
summit_computer_networks lil_http_server 2.1
CVE-2002-1009 HIGH

Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
summit_computer_networks lil_http_server 2.2
summit_computer_networks lil_http_server 2.1
CVE-2002-2076 MEDIUM

Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
summit_computer_networks lil_http 2.1
summit_computer_networks lil_http 2.2