Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2002-07/0085.html | |
http://www.iss.net/security_center/static/9517.php | Patch Vendor Advisory |
http://www.securityfocus.com/bid/5191 | Exploit Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-08-31T04:00:00
Updated: 2002-09-10T09:00:00
Reserved: 2002-08-27T00:00:00
Link: CVE-2002-1042
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-10-04T04:00:00.000
Modified: 2008-09-05T20:29:37.613
Link: CVE-2002-1042
JSON object: View
Redhat Information
No data.
CWE