Vulnerabilities > CVE-2002-0262 - Directory Traversal vulnerability in Sybex E-Trainer Software Relative Path Filtering

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

sybex

NVD

Published: 2002-05-29

Updated: 2016-10-18

Summary

Directory traversal vulnerability in netget for Sybex E-Trainer web server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Vulnerable Configurations

Part	Description	Count
Application	Sybex Sybex E Trainer *	1

References

http://marc.info/?l=bugtraq&m=101344812311216&w=2
http://www.iss.net/security_center/static/8175.php
http://www.securityfocus.com/bid/4071