CVE-2002-1417

Опубликовано: 11 апр. 2003

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2002-08/0199.html
Patch
Vendor Advisory
http://support.novell.com/servlet/tidfinder/2963297
http://www.iss.net/security_center/static/9910.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5523
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2002-08/0199.html
Patch
Vendor Advisory
http://support.novell.com/servlet/tidfinder/2963297
http://www.iss.net/security_center/static/9910.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5523
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:novell:small_business_suite:5.1:*:*:*:*:*:*:*

cpe:2.3:a:novell:small_business_suite:6.0:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:novell:netware:5.1:*:*:*:*:*:*:*

cpe:2.3:o:novell:netware:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.13553

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wrjp-jc2q-pxvq

github

больше 3 лет назад