CVE-2004-2617

Name: CVE-2004-2617
Creator: NVD / NIST
Published: 2004-12-31T05:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.83%

Last modified Jun 16, 2026

CVE-2004-2617 is a vulnerability of currently unknown severity. Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. (dot dot) directly after the initial '/' (slash) in the URI.. EPSS estimates a 3.83% chance of exploitation in the next 30 days.

Description

Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. (dot dot) directly after the initial '/' (slash) in the URI.

Metrics

EPSS Probability

3.83%

88.7th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Pegasi Web Server	Pegasi Web Server	0.2.2

References

http://archives.neohapsis.com/archives/bugtraq/2004-03/0109.htmlExploit, Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2004-03/0136.html
http://secunia.com/advisories/11122Exploit, Patch, Vendor Advisory
http://sourceforge.net/forum/forum.php?forum_id=359660Patch
http://www.autistici.org/fdonato/advisory/pws0.2.2-adv.txtExploit, Vendor Advisory
http://www.osvdb.org/4254Exploit, Patch
http://www.securityfocus.com/bid/9847Exploit, Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/15435
http://archives.neohapsis.com/archives/bugtraq/2004-03/0109.htmlExploit, Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2004-03/0136.html
http://secunia.com/advisories/11122Exploit, Patch, Vendor Advisory
http://sourceforge.net/forum/forum.php?forum_id=359660Patch
http://www.autistici.org/fdonato/advisory/pws0.2.2-adv.txtExploit, Vendor Advisory
http://www.osvdb.org/4254Exploit, Patch
http://www.securityfocus.com/bid/9847Exploit, Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/15435

Timeline

Published: Dec 31, 2004
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2004-2617?

Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. (dot dot) directly after the initial '/' (slash) in the URI.

How severe is CVE-2004-2617?

Severity scoring for CVE-2004-2617 is pending analysis. The EPSS model estimates a 3.83% probability of exploitation in the next 30 days.

How do I fix CVE-2004-2617?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-2617?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST