CVE-2000-1075

Published: Dec 11, 2000Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.

Affected (2)

Products: Netscape: Directory Server · Sun: Iplanet Certificate Management System

Netscape

1 product

Directory Server

Sun

1 product

Iplanet Certificate Management System

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Netscape Directory Server	Version 4.12
Sun Iplanet Certificate Management System	Version 4.2

References (12)

http://archives.neohapsis.com/archives/bugtraq/2000-10/0383.html

Source: cve@mitre.org

http://www.iplanet.com/downloads/patches/0122.html

Source: cve@mitre.org

http://www.osvdb.org/4086

Source: cve@mitre.org

http://www.osvdb.org/486

Source: cve@mitre.org

http://www.securityfocus.com/bid/1839

Source: cve@mitre.org

ExploitPatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/5421

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2000-10/0383.html