U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): ..
There are 2,360 matching records.
Displaying matches 2,341 through 2,360.
Vuln ID Summary CVSS Severity
CVE-1999-0933

TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Published: October 01, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-1351

Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.

Published: September 24, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-1377

Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.

Published: September 09, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0771

The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack.

Published: May 26, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0927

NTMail allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Published: May 26, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0229

Denial of service in Windows NT IIS server using ..\..

Published: May 12, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0776

Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.

Published: May 12, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-1033

Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.

Published: May 11, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0474

The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory.

Published: April 05, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2000-0153

FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.

Published: March 26, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2000-0054

search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack.

Published: January 03, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0495

A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares.

Published: January 01, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0897

iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Published: September 09, 1998; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0958

sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack.

Published: January 12, 1998; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-1999-1069

Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter.

Published: November 08, 1997; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0149

The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack.

Published: April 19, 1997; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-1999-0298

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

Published: February 05, 1997; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-1999-0174

The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Published: February 01, 1997; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 6.4 MEDIUM
CVE-1999-0166

NFS allows users to use a "cd .." command to access other directories besides the exported file system.

Published: January 01, 1997; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0179

Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share.

Published: January 01, 1997; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 5.0 MEDIUM