ID CVE-2001-0250
Summary The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.
References
Vulnerable Configurations
  • Netscape Netscape Enterprise Server 3.0
    cpe:2.3:a:netscape:enterprise_server:3.0
  • Netscape Netscape Enterprise Server 4.0
    cpe:2.3:a:netscape:enterprise_server:4.0
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
exploit-db via4
description Netscape Enterprise Server 3.0/4.0 'Index' Disclosure Vulnerability. CVE-2001-0250. Remote exploits for multiple platform
id EDB-ID:20591
last seen 2016-02-02
modified 2001-01-24
published 2001-01-24
reporter Security Research Team
source https://www.exploit-db.com/download/20591/
title Netscape Enterprise Server 3.0/4.0 - 'Index' Disclosure Vulnerability
nessus via4
NASL family Web Servers
NASL id NETSCAPE_ENTREPRISE_INDEX.NASL
description The remote web server gives a file listing when it is issued the command : INDEX / HTTP/1.1 An attacker may use this flaw to discover the internal structure of your website, or to discover supposedly hidden files.
last seen 2019-02-21
modified 2018-11-15
plugin id 10691
published 2001-06-15
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10691
title Netscape Enterprise Web Publishing INDEX Command Arbitrary Directory Listing
refmap via4
bid 2285
bugtraq 20010124 [SAFER] Security Bulletin 010124.EXP.1.11
xf netscape-enterprise-list-directories(5997)
Last major update 05-09-2008 - 16:23
Published 02-06-2001 - 00:00
Last modified 18-12-2017 - 21:29
Back to Top