CVE-2002-1042
First published: Sat Aug 31 2002(Updated: )
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun ONE Web Server | =6.0-sp3 | |
| Sun ONE Application Server | =6.0-sp1 | |
| Sun Iplanet Web Server | =4.1-sp9 | |
| Sun Iplanet Web Server | =4.1-sp4 | |
| Sun Iplanet Web Server | =4.1-sp10 | |
| Sun Iplanet Web Server | =4.1-sp1 | |
| Sun Iplanet Web Server | =4.1-sp7 | |
| Sun ONE Application Server | =6.0 | |
| Sun Iplanet Web Server | =4.1-sp1 | |
| Netscape Enterprise Server | =3.6 | |
| Sun Iplanet Web Server | =4.1-sp3 | |
| Sun Iplanet Web Server | =4.1-sp8 | |
| Sun Iplanet Web Server | =4.1-sp9 | |
| Sun Iplanet Web Server | =4.1-sp5 | |
| Sun Iplanet Web Server | =4.1-sp10 | |
| Sun Iplanet Web Server | =4.1 | |
| Sun Iplanet Web Server | =4.1-sp2 | |
| Sun Iplanet Web Server | =4.1-sp6 | |
| Sun ONE Application Server | =6.0-sp2 | |
| Sun Iplanet Web Server | =4.1-sp4 | |
| Sun Iplanet Web Server | =4.1-sp6 | |
| Sun Iplanet Web Server | =4.1-sp8 | |
| Sun Iplanet Web Server | =4.1-sp7 | |
| Sun Iplanet Web Server | =4.1-sp5 | |
| Sun Iplanet Web Server | =4.1-sp2 | |
| Sun Iplanet Web Server | =4.1-sp3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/references
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sun
- canonical/sun one web server
- version/sun one web server/6.0-sp3
- canonical/sun one application server
- version/sun one application server/6.0-sp1
- canonical/sun iplanet web server
- version/sun iplanet web server/4.1-sp9
- version/sun iplanet web server/4.1-sp4
- version/sun iplanet web server/4.1-sp10
- version/sun iplanet web server/4.1-sp1
- version/sun iplanet web server/4.1-sp7
- version/sun one application server/6.0
- vendor/netscape
- canonical/netscape enterprise server
- version/netscape enterprise server/3.6
- version/sun iplanet web server/4.1-sp3
- version/sun iplanet web server/4.1-sp8
- version/sun iplanet web server/4.1-sp5
- version/sun iplanet web server/4.1
- version/sun iplanet web server/4.1-sp2
- version/sun iplanet web server/4.1-sp6
- version/sun one application server/6.0-sp2