Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Aug 14, 2001· Updated Apr 16, 2026

CVE-2001-0557

CVE-2001-0557

Description

T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e).

Affected products

4

T. Hauck/Jana Web Server4 versions
cpe:2.3:a:t._hauck:jana_web_server:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:t._hauck:jana_web_server:*:*:*:*:*:*:*:*range: <=1.46
- cpe:2.3:a:t._hauck:jana_web_server:1.0j:*:*:*:*:*:*:*
- cpe:2.3:a:t._hauck:jana_web_server:1.45:*:*:*:*:*:*:*
- cpe:2.3:a:t._hauck:jana_web_server:2.0_beta_1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

archives.neohapsis.com/archives/bugtraq/2001-05/0086.htmlnvdExploitPatchVendor Advisory
www.securityfocus.com/bid/2703nvdExploitPatchVendor Advisory
www.kb.cert.org/vuls/id/132099nvdUS Government Resource
exchange.xforce.ibmcloud.com/vulnerabilities/6513nvd

News mentions

0

No linked articles in our index yet.