Netscape Enterprise Server with Web Publishing enabled allows remote malicious users to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the malicious user to browse the directories.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netscape enterprise server 3.5 |
||
netscape enterprise server 3.6 |