Lucene search

MitreCVE-2002-1316

HistoryNov 29, 2002 - 5:00 a.m.

CVE-2002-1316

2002-11-2905:00:00

mitre

web.nvd.nist.gov

iplanet

webserver

command execution

vulnerability

xss

cve-2002-1316

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

High

EPSS

0.786

Percentile

98.3%

JSON

importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows the web administrator to execute arbitrary commands via shell metacharacters in the dir parameter, and possibly allows remote attackers to exploit this vulnerability via a separate XSS issue (CVE-2002-1315).

Affected configurations

Nvd

Node

iplanetiplanet_web_serverMatch4.1

iplanetiplanet_web_serverMatch4.1_sp1

iplanetiplanet_web_serverMatch4.1_sp2

iplanetiplanet_web_serverMatch4.1_sp3

iplanetiplanet_web_serverMatch4.1_sp4

iplanetiplanet_web_serverMatch4.1_sp5

iplanetiplanet_web_serverMatch4.1_sp6

iplanetiplanet_web_serverMatch4.1_sp7

iplanetiplanet_web_serverMatch4.1_sp8

iplanetiplanet_web_serverMatch4.1_sp9

iplanetiplanet_web_serverMatch4.1_sp10

iplanetiplanet_web_serverMatch4.1_sp11

VendorProductVersionCPE
iplanetiplanet_web_server4.1cpe:2.3:a:iplanet:iplanet_web_server:4.1:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp1cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp1:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp2cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp2:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp3cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp4cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp5cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp6cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp7cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp8cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp8:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp9cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
iplanet	iplanet_web_server	4.1	cpe:2.3:a:iplanet:iplanet_web_server:4.1:::::::*
iplanet	iplanet_web_server	4.1_sp1	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp1:::::::*
iplanet	iplanet_web_server	4.1_sp2	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp2:::::::*
iplanet	iplanet_web_server	4.1_sp3	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:::::::*
iplanet	iplanet_web_server	4.1_sp4	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:::::::*
iplanet	iplanet_web_server	4.1_sp5	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:::::::*
iplanet	iplanet_web_server	4.1_sp6	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:::::::*
iplanet	iplanet_web_server	4.1_sp7	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:::::::*
iplanet	iplanet_web_server	4.1_sp8	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp8:::::::*
iplanet	iplanet_web_server	4.1_sp9	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp9:::::::*

Rows per page:

1-10 of 121

References

archives.neohapsis.com/archives/vulnwatch/2002-q4/0078.html

marc.info/?l=bugtraq&m=103772308030269&w=2

sunsolve.sun.com/search/document.do?assetkey=1-26-49475-1

www.iss.net/security_center/static/10693.php

www.ngsec.com/docs/advisories/NGSEC-2002-4.txt

www.securityfocus.com/bid/6203

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

High

EPSS

0.786

Percentile

98.3%

JSON

Related for CVE-2002-1316