Vulnerabilities > CVE-2001-0250 - Unspecified vulnerability in Netscape Enterprise Server 3.0/4.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Netscape Enterprise Server 3.0/4.0 'Index' Disclosure Vulnerability. CVE-2001-0250. Remote exploits for multiple platform |
| id | EDB-ID:20591 |
| last seen | 2016-02-02 |
| modified | 2001-01-24 |
| published | 2001-01-24 |
| reporter | Security Research Team |
| source | https://www.exploit-db.com/download/20591/ |
| title | Netscape Enterprise Server 3.0/4.0 - 'Index' Disclosure Vulnerability |
Nessus
| NASL family | Web Servers |
| NASL id | NETSCAPE_ENTREPRISE_INDEX.NASL |
| description | The remote web server gives a file listing when it is issued the command : INDEX / HTTP/1.1 An attacker may use this flaw to discover the internal structure of your website, or to discover supposedly hidden files. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10691 |
| published | 2001-06-15 |
| reporter | This script is Copyright (C) 2001-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10691 |
| title | Netscape Enterprise Web Publishing INDEX Command Arbitrary Directory Listing |