Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote malicious users to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun iplanet web server 4.1 |
||
netscape enterprise server 3.6 |
||
sun one application server 6.0 |
||
sun one web server 6.0 |