| CNNVD-ID编号 | CNNVD-199912-102 |
| CVE编号 | CVE-2000-0039 |
| 发布时间 | 1999-12-29 |
| 更新时间 | 2005-05-02 |
| 漏洞类型 | 输入验证 |
| 漏洞来源 | Posted to bugtraq on December 29, 1999 by Rudi Carell. |
| 危险等级 | 中危 |
| 威胁类型 | 远程 |
| 厂 商 | altavista |
query.cgi CGI 项目中存在AltaVista搜索引擎目录遍历漏洞,远程攻击者借助a .. (dot dot)读取文档根以上的文件。
AltaVista has released a patch for this issue, available at: http://doc.altavista.com/business_solutions/search_products/free_downloads/search_intranet.shtml It is under the 'patches' heading, and is called: AltaVista Search Intranet V2.3A Security Patch 12/99
来源: BID
名称: 896