Vulnerabilities > CVE-2001-0404 - Directory Traversal vulnerability in SUN Javaserver web DEV KIT 1.0.1

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

sun

NVD

Published: 2001-06-18

Updated: 2016-10-18

Summary

Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN Javaserver WEB DEV KIT 1.0.1	1

References

http://marc.info/?l=bugtraq&m=98583089425166&w=2