Description
Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences.
Affected products
- sun / iplanet_directory_server5.0 – 5.0
- sun / iplanet_directory_server5.1 – 5.1
- sun / iplanet_directory_server5.1 – 5.1
- sun / iplanet_directory_server5.1 – 5.1
- sun / one_directory_server5.0 – 5.0
- sun / one_directory_server5.0 – 5.0
- sun / one_directory_server5.0_sp2 – 5.0_sp2
- sun / one_directory_server5.1 – 5.1
- sun / one_directory_server5.1 – 5.1
- sun / one_directory_server5.1 – 5.1