CVE-2002-1417

Published: Apr 11, 2003Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.

Affected (4)

Products: Novell: Small Business Suite, Netware

2 products

Small Business Suite

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Novell Small Business Suite	Version 5.1
Novell Small Business Suite	Version 6.0

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Novell Netware	Version 5.1
Novell Netware	Version 6.0

References (8)

http://archives.neohapsis.com/archives/bugtraq/2002-08/0199.html

Source: cve@mitre.org

PatchVendor Advisory

http://support.novell.com/servlet/tidfinder/2963297

Source: cve@mitre.org

http://www.iss.net/security_center/static/9910.php

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/5523

Source: cve@mitre.org

PatchVendor Advisory

http://archives.neohapsis.com/archives/bugtraq/2002-08/0199.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://support.novell.com/servlet/tidfinder/2963297

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/9910.php

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/5523

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.