ID CVE-2000-0237
Summary Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories.
References
Vulnerable Configurations
  • Netscape Netscape Enterprise Server 3.5
    cpe:2.3:a:netscape:enterprise_server:3.5
  • Netscape Netscape Enterprise Server 3.6
    cpe:2.3:a:netscape:enterprise_server:3.6
CVSS
Base: 6.4 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
refmap via4
bid 1075
misc http://zsh.stupidphat.com/advisory.cgi?000311-1
xf netscape-webpublisher-invalid-access
Last major update 10-09-2008 - 15:03
Published 11-03-2000 - 00:00
Back to Top