CVE-1999-0885

CVSS 2.0 Score 3.6 of 10 (low)

Details

Published Nov 3, 1999
Updated: Nov 7, 2023

Summary

CVE-1999-0885 is a vulnerability affecting Alibaba web servers. Malicious actors can exploit this issue by crafting malformed URLs containing pipe characters, which the server interprets as a command to execute external programs, allowing remote code execution. This vulnerability poses a significant risk as it grants attackers unrestricted access to the server and its data. Mitigation involves updating the web server software to a secure version and implementing input validation to block malformed URLs. This flaw was reported in 1999 and has since been addressed in newer software versions, but older systems remain susceptible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share