CVE-2001-0982

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Secureway Policy Director
Vendor: CVE Published:; 23 July 2001

Summary

Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings.

References

http://archives.neohapsis.com/archives/bugtraq/2001-07/04...

mailing-listx_refsource_BUGTRAQ

http://www-1.ibm.com/support/search.wss?rs=0&q=IY18152&ap...

vendor-advisoryx_refsource_AIXAPAR

ftp://ftp.tivoli.com/support/patches/patches_3.7.1/3.7.1-...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Jan 31, 2002
Vulnerability published
Jul 23, 2001