ID CVE-1999-1527
Summary Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server.
References
Vulnerable Configurations
  • cpe:2.3:a:sun:forte:community_1.0_beta
    cpe:2.3:a:sun:forte:community_1.0_beta
  • cpe:2.3:a:sun:netbeans_developer:3.0_beta
    cpe:2.3:a:sun:netbeans_developer:3.0_beta
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family Web Servers
NASL id NETBEANS.NASL
description The remote host is running NetBeans (recently renamed to 'Forte') Java IDE. There is a bug in this version that allows anyone to browse the files on this system. This plugin has been deprecated. Webmirror3 (plugin ID 10662) will identify a browsable directory.
last seen 2018-07-18
modified 2018-07-16
plugin id 10149
published 1999-11-24
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10149
title Sun NetBeans Java IDE HTTP Server IP Restriction Bypass Arbitrary File/Directory Access (deprecated)
refmap via4
bid 816
bugtraq 19991123 NetBeans/ Forte' Java IDE HTTP vulnerability
Last major update 17-10-2016 - 22:05
Published 23-11-1999 - 00:00
Back to Top