Vulnerabilities > CVE-2002-1525 - Directory Traversal vulnerability in Sun ONE Starter Kit / ASTAware SearchDisc Search Engine
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 |
Exploit-Db
| description | Sun ONE Starter Kit 2.0 / ASTAware SearchDisc 3.1 Search Engine Directory Traversal Vulnerability. CVE-2002-1525. Webapps exploit for java platform |
| id | EDB-ID:21879 |
| last seen | 2016-02-02 |
| modified | 2002-09-30 |
| published | 2002-09-30 |
| reporter | ET LoWNOISE |
| source | https://www.exploit-db.com/download/21879/ |
| title | Sun ONE Starter Kit 2.0 / ASTAware SearchDisc 3.1 - Search Engine Directory Traversal Vulnerability |