CVE-2001-0276
First published: Thu May 03 2001(Updated: )
ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BadBlue | =1.2.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0276?
CVE-2001-0276 has a medium severity rating due to its potential for exposing the server's physical path.
How do I fix CVE-2001-0276?
To fix CVE-2001-0276, upgrade BadBlue to a version that does not include the ext.dll vulnerability.
What type of attack does CVE-2001-0276 facilitate?
CVE-2001-0276 facilitates path disclosure attacks, allowing attackers to gain sensitive information about the server.
Which version of BadBlue is affected by CVE-2001-0276?
CVE-2001-0276 specifically affects BadBlue version 1.2.7.
How does CVE-2001-0276 expose server information?
CVE-2001-0276 exposes server information by allowing attackers to trigger error messages from ext.dll that disclose the server's physical path.
- agent/references
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/working resources inc.
- canonical/badblue
- version/badblue/1.2.7