Information Disclosure Vulnerability in SunPS iRunbook by Sun Microsystems
CVE-2002-1034

Currently unrated

Key Information:

Vendor: Oracle
Status: I-runbook
Vendor: CVE Published:; 4 October 2002

What is CVE-2002-1034?

The SunPS iRunbook version 2.5.2 contains a vulnerability in the 'none.php' script that allows remote attackers to exploit directory traversal techniques. By providing an absolute pathname in the argument to the script, attackers can read arbitrary files on the server. This exposure can lead to unauthorized access to sensitive data and could potentially compromise the entire system's security. It is recommended to implement access controls and file system permissions to mitigate this vulnerability.

References

http://www.iss.net/security_center/static/9549.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/5209

vdb-entryx_refsource_BID

http://online.securityfocus.com/archive/1/281786

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 27, 2002

Oracle

What is CVE-2002-1034?

References

Timeline