Directory Listing Vulnerability in 4D WebSTAR by 4D
CVE-2004-0696

Currently unrated

Key Information:

Vendor: 4d
Status: Webstar
Vendor: CVE Published:; 27 July 2004

What is CVE-2004-0696?

The ShellExample.cgi script present in 4D WebSTAR versions 5.3.2 and earlier is vulnerable to exposure through improper access control, allowing remote attackers to list arbitrary directories. This flaw can lead to unauthorized access to sensitive files and information by simply crafting a URL that includes the desired path followed by an asterisk (*) character. Exploitation of this vulnerability can facilitate further security breaches, making it essential for users to apply necessary patches and updates.

References

http://www.atstake.com/research/advisories/2004/a071304-1...

vendor-advisoryx_refsource_ATSTAKE

https://exchange.xforce.ibmcloud.com/vulnerabilities/16687

vdb-entryx_refsource_XF

ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 27, 2004
Vulnerability Reserved
Jul 14, 2004

CVE-2004-0696 Data

JSON