Vulnerabilities > CVE-2002-0897 - Unspecified vulnerability in Intranet-Server Localweb2000 2.1.0Standardversion

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
intranet-server
nessus
exploit available

Summary

LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory.

Vulnerable Configurations

Part Description Count
Application
Intranet-Server
1

Exploit-Db

descriptionLocalWEB2000 2.1 .0 Standard Version File Disclosure Vulnerability. CVE-2002-0897. Remote exploit for windows platform
idEDB-ID:21475
last seen2016-02-02
modified2002-05-24
published2002-05-24
reporterTamer Sahin
sourcehttps://www.exploit-db.com/download/21475/
titleLocalWEB2000 2.1.0 Standard - File Disclosure Vulnerability

Nessus

NASL familyWeb Servers
NASL idLOCALWEB2K.NASL
descriptionThe remote host is running LocalWeb2000. Version 2.1.0 of LocalWeb2000 allows an attacker to view protected files on the host
last seen2020-06-01
modified2020-06-02
plugin id11005
published2002-06-05
reporterThis script is Copyright (C) 2002-2016 Jason Lidow <[email protected]>
sourcehttps://www.tenable.com/plugins/nessus/11005
titleLocalWeb2000 2.1.0 Multiple Remote Vulnerabilities
code
# This script was created by Jason Lidow <[email protected]>
# The vulnerability was originally discovered by [email protected] 

# Changes by Tenable:
# - Revised plugin title, output formatting, family change (9/5/09)


include("compat.inc");

if(description)
{
	script_id(11005);
	script_version("1.26");
	script_cve_id("CVE-2001-0189", "CVE-2002-0897");
	script_bugtraq_id(2268, 4820, 7947);

	script_name(english:"LocalWeb2000 2.1.0 Multiple Remote Vulnerabilities");

 script_set_attribute(attribute:"synopsis", value:
"The remote host is vulnerable to several information disclosure flaws." );
 script_set_attribute(attribute:"description", value:
"The remote host is running LocalWeb2000. 

Version 2.1.0 of LocalWeb2000 allows an attacker to view protected 
files on the host's computer. 

It may also disclose the NetBIOS name of the remote host when
it receives malformed directory requests." );
 script_set_attribute(attribute:"solution", value:
"Contact http://www.intranet-server.co.uk for an update." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"plugin_publication_date", value: "2002/06/05");
 script_set_attribute(attribute:"vuln_publication_date", value: "2001/01/19");
 script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/12");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();


	script_summary(english:"Checks for LocalWeb2000");
	script_category(ACT_GATHER_INFO);
	script_copyright(english:"This script is Copyright (C) 2002-2016 Jason Lidow <[email protected]>");
	script_family(english:"Web Servers");
	script_dependencie("http_version.nasl", "find_service1.nasl", "httpver.nasl", "no404.nasl");
	script_require_ports("Services/www", 80);
	exit(0);
}

include("http_func.inc");

port = get_http_port(default:80, embedded:TRUE);


if(!get_port_state(port))exit(0);


banner = get_http_banner(port:port);
  
  

if(banner)
{
	if(egrep(pattern:"^Server: .*LocalWEB2000.*" , string:banner, icase:TRUE))
	{
	security_hole(port);
	}
}