NVD Vulnerability Detail

CVE-2002-1042

Summary	Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
Publication Date	Oct. 4, 2002, 1 p.m.
Registration Date	Jan. 29, 2021, 6:04 p.m.
Last Update	Sept. 6, 2008, 5:29 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:netscape:enterprise_server:3.6:::::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:::::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp1::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp1:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp10::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp10:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp2::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp2:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp3::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp3:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp4::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp4:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp5::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp5:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp6::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp6:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp7::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp7:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp8::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp8:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp9::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp9:enterprise:::::*
cpe:2.3:a:sun:one_application_server:6.0:::::::*
cpe:2.3:a:sun:one_application_server:6.0:sp1::::::
cpe:2.3:a:sun:one_application_server:6.0:sp2::::::
cpe:2.3:a:sun:one_web_server:6.0:sp3::::::

Related information, measures and tools

No	URL	refsource	タグ
1	http://archives.neohapsis.com/archives/bugtraq/2002-07/0085.html	BUGTRAQ
2	http://www.iss.net/security_center/static/9517.php	XF	Patch Vendor Advisory
3	http://www.securityfocus.com/bid/5191	BID	Exploit Patch Vendor Advisory

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:netscape:enterprise_server:3.6:::::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:::::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp1::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp1:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp10::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp10:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp2::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp2:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp3::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp3:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp4::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp4:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp5::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp5:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp6::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp6:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp7::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp7:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp8::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp8:enterprise:::::*
cpe:2.3:a:sun:iplanet_web_server:4.1:sp9::::::
cpe:2.3:a:sun:iplanet_web_server:4.1:sp9:enterprise:::::*
cpe:2.3:a:sun:one_application_server:6.0:::::::*
cpe:2.3:a:sun:one_application_server:6.0:sp1::::::
cpe:2.3:a:sun:one_application_server:6.0:sp2::::::
cpe:2.3:a:sun:one_web_server:6.0:sp3::::::