CVE-2002-1042
iPlanet Web Server 4.1 - Search Component File Disclosure
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2002-07-09 First Exploit
- 2002-08-27 CVE Reserved
- 2002-08-31 CVE Published
- 2024-01-09 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2002-07/0085.html | Mailing List |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/21603 | 2002-07-09 | |
| http://www.securityfocus.com/bid/5191 | 2024-08-08 |
| URL | Date | SRC |
|---|---|---|
| http://www.iss.net/security_center/static/9517.php | 2008-09-05 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netscape Search vendor "Netscape" | Enterprise Server Search vendor "Netscape" for product "Enterprise Server" | 3.6 Search vendor "Netscape" for product "Enterprise Server" and version "3.6" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp1 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp1, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp10 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp10, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp2 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp2, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp3 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp3, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp4 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp4, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp5 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp5, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp6 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp6, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp7 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp7, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp8 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp8, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp9 |
Affected
| ||||||
| Sun Search vendor "Sun" | Iplanet Web Server Search vendor "Sun" for product "Iplanet Web Server" | 4.1 Search vendor "Sun" for product "Iplanet Web Server" and version "4.1" | sp9, enterprise |
Affected
| ||||||
| Sun Search vendor "Sun" | One Application Server Search vendor "Sun" for product "One Application Server" | 6.0 Search vendor "Sun" for product "One Application Server" and version "6.0" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | One Application Server Search vendor "Sun" for product "One Application Server" | 6.0 Search vendor "Sun" for product "One Application Server" and version "6.0" | sp1 |
Affected
| ||||||
| Sun Search vendor "Sun" | One Application Server Search vendor "Sun" for product "One Application Server" | 6.0 Search vendor "Sun" for product "One Application Server" and version "6.0" | sp2 |
Affected
| ||||||
| Sun Search vendor "Sun" | One Web Server Search vendor "Sun" for product "One Web Server" | 6.0 Search vendor "Sun" for product "One Web Server" and version "6.0" | sp3 |
Affected
| ||||||