Russian Vulnerability Scanner Database

Back to List

CVE-1999-1053

Scores

EPSS

0.907high90.7%
0%20%40%60%80%100%

Percentile: 90.7%

CVSS

7.5high2.0
0246810

CVSS Score: 7.5/10

All CVSS Scores

CVSS 2.0
7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Description

guestbook.pl cleanses user-inserted SSI commands by removing text between “” separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides “–>”.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

nvd

Exploits

Exploit ID: 16914

Source: exploitdb

URL: https://www.exploit-db.com/exploits/16914

Exploit ID: 9907

Source: exploitdb

URL: https://www.exploit-db.com/exploits/9907

Exploit ID: CVE-1999-1053

Source: github-poc

URL: https://github.com/siunam321/CVE-1999-1053-PoC

Vulnerable Software (2)

Type: Configuration

Vendor: *

Product: http_server

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:matt_wright:matt_wright_guestbook:2.3:...

Source: nvd

Type: Configuration

Vendor: *

Product: matt_wright_guestbook

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:matt_wright:matt_wright_guestbook:2.3:...

Source: nvd

End of list