Directory Traversal Vulnerability in SunPS iRunbook by Sun Microsystems
CVE-2002-1033

Currently unrated

Key Information:

Vendor: Oracle
Status: I-runbook
Vendor: CVE Published:; 4 October 2002

What is CVE-2002-1033?

The SunPS iRunbook 2.5.2 is susceptible to a directory traversal vulnerability, allowing attackers to read arbitrary files on the server. This vulnerability occurs due to inadequate validation of user input in the none.php script, where the use of the '..:' sequence can enable unauthorized access to sensitive filesystem paths. By exploiting this flaw, remote attackers could gain insights into server configurations, user data, or other confidential information.

References

http://www.iss.net/security_center/static/9549.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/5209

vdb-entryx_refsource_BID

http://online.securityfocus.com/archive/1/281786

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 27, 2002

Oracle

What is CVE-2002-1033?

References

Timeline