CVE-2000-1075

Description

Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.

Affected products

• netscape / directory_server4.12 – 4.12
• sun / iplanet_certificate_management_system4.2 – 4.2

References

• MISChttp://archives.neohapsis.com/archives/bugtraq/2000-10/0383.html
• MISChttp://www.securityfocus.com/bid/1839
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/5421
• MISChttp://www.iplanet.com/downloads/patches/0122.html
• MISChttp://www.osvdb.org/4086
• MISChttp://www.osvdb.org/486