Lucene search

[email protected]CVE-2002-1525

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-1525

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1525

directory traversal

astaware

searchdisk

vulnerability

sun one starter kit 2.0

remote attack

arbitrary files

port 6015

port 6016

absolute pathname

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a … (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017.

Affected configurations

NVD

Node

astawaresearchdiscMatch3.1

sunsunone_starter_kitMatch2.0

CPENameOperatorVersion
astaware:searchdiscastaware searchdisceq3.1
sun:sunone_starter_kitsun sunone starter kiteq2.0

CPE	Name	Operator	Version
astaware:searchdisc	astaware searchdisc	eq	3.1
sun:sunone_starter_kit	sun sunone starter kit	eq	2.0

References

online.securityfocus.com/archive/1/293545

www.iss.net/security_center/static/10225.php

www.securityfocus.com/bid/5828

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

Related for CVE-2002-1525

nvd1 cvelist1