CVE-2002-1417

Sažetak

Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-08/0199.html
http://support.novell.com/servlet/tidfinder/2963297
http://www.iss.net/security_center/static/9910.php
http://www.securityfocus.com/bid/5523

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

05-09-2008 - 20:30

Objavljeno

11-04-2003 - 04:00