Published: 11/12/2000 Updated: 10/10/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote malicious users to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netscape directory server 4.12
sun iplanet certificate management system 4.2

Accipiter Direct Server is susceptible to a directory traversal attack that allows retrieval of files outside of the webroot ...

source: wwwsecurityfocuscom/bid/1839/info Acquiring access to known files outside of the web root is possible through directory traversal techniques in Netscape Directory Server This is made possible through the use of "\/" in a HTTP request The following services are affected by this vulnerability: - The Agent services server on ...

source: wwwsecurityfocuscom/bid/1839/info Acquiring access to known files outside of the web root is possible through directory traversal techniques in both iPlanet Certificate Management System (CMS) This is made possible through the use of "\/" in a HTTP request The following services are affected by this vulnerability: - The Agen ...

NVD-CWE-Other http://www.securityfocus.com/bid/1839 http://www.iplanet.com/downloads/patches/0122.html http://archives.neohapsis.com/archives/bugtraq/2000-10/0383.html http://www.osvdb.org/4086 http://www.osvdb.org/486 https://exchange.xforce.ibmcloud.com/vulnerabilities/5421 https://nvd.nist.gov https://packetstormsecurity.com/files/32497/accipiter.txt.html https://www.exploit-db.com/exploits/20325/

CVE-2000-1075

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect