Directory Traversal Vulnerability in Nostromo Webserver
CVE-2011-0751

Currently unrated

Key Information:

Vendor

Nazgul

Status
Nostromo
Vendor
CVE Published:
16 March 2011

What is CVE-2011-0751?

The Nostromo webserver, specifically nhttpd prior to version 1.9.4, is affected by a directory traversal vulnerability that enables remote attackers to manipulate file paths. By employing crafted URI requests that include encoded sequences, such as ..%2f, adversaries can execute arbitrary commands or access unauthorized files within the server. This vulnerability poses severe risks to the confidentiality and integrity of web applications utilizing affected versions.

References

http://www.redteam-pentesting.de/advisories/rt-sa-2011-001
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/66103
vdb-entryx_refsource_XF
http://www.nazgul.ch/dev_nostromo.html
x_refsource_CONFIRM

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2011-0751 : Directory Traversal Vulnerability in Nostromo Webserver