CVE-1999-1177

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Dec 31, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1177 is a vulnerability affecting versions of nph-publish before 1.2. This issue permits remote attackers to manipulate file paths during upload operations, enabling them to overwrite arbitrary files by exploiting a directory traversal vulnerability using the ".." (dot dot) notation. This can result in unintended file modifications or potential data leaks, posing a significant risk to system security. Attackers can exploit this vulnerability by sending crafted upload requests to the affected web server. It is crucial for affected organizations to apply the necessary patches or updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlSTo
https://www.cve.org/CVERecord?id=CVE-1999-1177
https://nvd.nist.gov/vuln/detail/CVE-1999-1177

Back to Vulnerability Database

CVE-1999-1177

CVSS 2.0 Score 5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations