Lucene search

[email protected]CVE-2000-0237

HistoryMar 11, 2000 - 5:00 a.m.

CVE-2000-0237

2000-03-1105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

351

netscape enterprise server

remote attack

cve-2000-0237

directory listing

security vulnerability

9.2 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

61.7%

JSON

Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories.

CPENameOperatorVersion
netscape:enterprise_servernetscape enterprise servereq3.5
netscape:enterprise_servernetscape enterprise servereq3.6

CPE	Name	Operator	Version
netscape:enterprise_server	netscape enterprise server	eq	3.5
netscape:enterprise_server	netscape enterprise server	eq	3.6

References

www.securityfocus.com/bid/1075

zsh.stupidphat.com/advisory.cgi?000311-1

9.2 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

61.7%

JSON

Related for CVE-2000-0237

nessus1 openvas1