Vulnerabilities > CVE-2000-1075

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

netscape

sun

nessus

exploit available

NVD

Published: 2000-12-11

Updated: 2017-10-10

Summary

Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.

Vulnerable Configurations

Part	Description	Count
Application	Netscape Netscape Directory Server 4.12	1
Application	Sun SUN Iplanet Certificate Management System 4.2	1

Exploit-Db

description	iPlanet Certificate Management System 4.2 for Windows NT 4.0 Directory Traversal. CVE-2000-1075. Remote exploit for windows platform
id	EDB-ID:20324
last seen	2016-02-02
modified	2000-10-25
published	2000-10-25
reporter	CORE-SDI
source	https://www.exploit-db.com/download/20324/
title	iPlanet Certificate Management System 4.2 - Directory Traversal

description	Netscape Directory Server 4.12 Directory Server Directory Traversal Vulnerability. CVE-2000-1075. Remote exploit for windows platform
id	EDB-ID:20325
last seen	2016-02-02
modified	2000-10-25
published	2000-10-25
reporter	CORE-SDI
source	https://www.exploit-db.com/download/20325/
title	Netscape Directory Server 4.12 - Directory Server Directory Traversal Vulnerability

Nessus

NASL family	Web Servers
NASL id	IPLANET_DIR_SERV.NASL
description	There is a bug in the remote iPlanet web server that allows a user to read arbitrary files on the remote host. To exploit this flaw, an attacker needs to prepend
last seen	2020-06-01
modified	2020-06-02
plugin id	10589
published	2001-01-08
reporter	This script is Copyright (C) 2001-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/10589
title	iPlanet Directory Server Traversal Arbitrary File Access

NASL family	Web Servers
NASL id	IPLANET_TRAVERSAL.NASL
description	It is possible to read arbitrary files on the remote server by prepending /ca/\../\../ in front on the file name.
last seen	2020-06-01
modified	2020-06-02
plugin id	10683
published	2001-05-29
reporter	This script is Copyright (C) 2001-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10683
title	iPlanet Certificate Management Traversal Arbitrary File Access

Packetstorm

data source	https://packetstormsecurity.com/files/download/32497/accipiter.txt
id	PACKETSTORM:32497
last seen	2016-12-05
published	2004-01-09
reporter	Mark Bassett
source	https://packetstormsecurity.com/files/32497/accipiter.txt.html
title	accipiter.txt

Vulnerabilities > CVE-2000-1075 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2000-1075"}]}

Summary

Vulnerable Configurations

Exploit-Db

Nessus

Packetstorm

References

Vulnerabilities > CVE-2000-1075