CVE-2001-0871 Information

Description

Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18 or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10.

Reference

http://marc.info/?l=bugtraq&m=100714173510535&w=2 http://www.kb.cert.org/vuls/id/220715 http://www.securityfocus.com/bid/3599 https://exchange.xforce.ibmcloud.com/vulnerabilities/7625 https://exchange.xforce.ibmcloud.com/vulnerabilities/7626