Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1417

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1417
Last Modified 05 Sep 2008 04:30:32
Published 11 Apr 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1417

Summary

Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.

Vulnerable Systems

Operating System

  • Novell Netware 5.1

  • Novell Netware 6.0

Application

  • Novell Small Business Suite 5.1

  • Novell Small Business Suite 6.0


References

BID - 5523

XF - novell-netbasic-directory-traversal(9910)

BUGTRAQ - 20020820 NOVL-2002-2963297 - NetBasic Buffer Overflow + Scripting Vulnerability

CONFIRM - http://support.novell.com/servlet/tidfinder/2963297


Last Updated: 27 May 2016 10:37:19