Directory Traversal Vulnerability in iPlanet Certificate Management System by Sun Microsystems
CVE-2000-1075

Currently unrated

Key Information:

Vendor: Oracle
Status: Iplanet Certificate Management System; Directory Server
Vendor: CVE Published:; 11 December 2000

What is CVE-2000-1075?

The iPlanet Certificate Management System and Directory Server are vulnerable to a directory traversal attack, allowing remote attackers to gain unauthorized access to sensitive files. By exploiting this vulnerability through various services such as Agent, End Entity, or Administrator, an attacker can manipulate file paths using the dot-dot (..) notation. This flaw poses significant risks, including disclosure of system files, configuration data, or other sensitive information that could compromise the integrity and confidentiality of the affected systems.

References

http://archives.neohapsis.com/archives/bugtraq/2000-10/03...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/1839

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/5421

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 11, 2000
Vulnerability Reserved
Nov 29, 2000

Oracle

What is CVE-2000-1075?

References

Timeline