Directory Traversal Vulnerability in iPlanet Web Server and Netscape Enterprise Server
CVE-2002-1042

Currently unrated

Key Information:

Vendor

Oracle
Status
One Web Server
One Application Server
Iplanet Web Server
Enterprise Server
Vendor
CVE Published:
4 October 2002

What is CVE-2002-1042?

A directory traversal vulnerability exists in the search engine of the iPlanet Web Server versions 6.0 SP2 and 4.1 SP9, as well as Netscape Enterprise Server 3.6 on Windows platforms. This flaw allows attackers to exploit the NS-query-pat parameter, using sequences such as ..\ (dot-dot backslash), to read arbitrary files on the server. The improper validation of user inputs opens a pathway for unauthorized file access, potentially leading to further compromise if sensitive information is exposed.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://archives.neohapsis.com/archives/bugtraq/2002-07/00...
mailing-listx_refsource_BUGTRAQ
http://www.iss.net/security_center/static/9517.php
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/5191
vdb-entryx_refsource_BID

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.