CVE-2001-0973

Name: CVE-2001-0973
Creator: NVD / NIST
Published: 2001-08-31T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.02%

Last modified Jun 16, 2026

CVE-2001-0973 is a vulnerability of currently unknown severity. BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.. EPSS estimates a 2.02% chance of exploitation in the next 30 days.

Description

BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.

Metrics

EPSS Probability

2.02%

78.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Fraunhofer Fit	Bscw	<= 4.0.2_beta
Fraunhofer Fit	Bscw	3.3
Fraunhofer Fit	Bscw	3.3.1
Fraunhofer Fit	Bscw	3.4.1
Fraunhofer Fit	Bscw	3.4.3
Fraunhofer Fit	Bscw	4.0.1_beta

References

http://archives.neohapsis.com/archives/bugtraq/2001-08/0328.htmlPatch, Vendor Advisory
http://bscw.gmd.de/Bulletins/BSCW-SB-2001-08.extract.txtPatch, Vendor Advisory
http://www.iss.net/security_center/static/7029.php
http://www.kb.cert.org/vuls/id/465971US Government Resource
http://www.securityfocus.com/bid/3227
http://archives.neohapsis.com/archives/bugtraq/2001-08/0328.htmlPatch, Vendor Advisory
http://bscw.gmd.de/Bulletins/BSCW-SB-2001-08.extract.txtPatch, Vendor Advisory
http://www.iss.net/security_center/static/7029.php
http://www.kb.cert.org/vuls/id/465971US Government Resource
http://www.securityfocus.com/bid/3227

Timeline

Published: Aug 31, 2001
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2001-0973?

BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.

How severe is CVE-2001-0973?

Severity scoring for CVE-2001-0973 is pending analysis. The EPSS model estimates a 2.02% probability of exploitation in the next 30 days.

How do I fix CVE-2001-0973?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2001-0973?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST