Exploit Netscape Directory Server 4.12 - Directory Server Directory Traversal

Exploiter

Хакер
34,599
0
18 Дек 2022
EDB-ID
20325
Проверка EDB
  1. Пройдено
Автор
CORE-SDI
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2000-1075
Дата публикации
2000-10-25
Код:
source: https://www.securityfocus.com/bid/1839/info
 
 
Acquiring access to known files outside of the web root is possible through directory traversal techniques in Netscape Directory Server. This is made possible through the use of "\../" in a HTTP request. The following services are affected by this vulnerability:
 
- The Agent services server on port 8100/tcp
- The End Entity services server on port 443/tcp (Accessible through SSL)
- The Administrator services server on a random port configured during installation.
 
https://target/ca/\../\../\../\file.ext
 
Источник
www.exploit-db.com

Похожие темы