VID 22039
Severity 40
Port 443
Protocol TCP
Class WWW
Detailed Description The iPlanet Certificate Management server has a directory traversal vulnerability, which allows remote users to read arbitrary files on the server by prepending '/ca/\../\../' to the file name.
Netscape (iPlanet) Certificate Management System version 4.2 and Netscape Directory Server version 4.12 store the 'Admin' password in plaintext under admin-serv/config/adm.conf. A remote attacker could use a separate directory traversal vulnerability to obtain the password remotely and use it to perform administrative functions on the server.

* References:
http://www.core-sdi.com/advisories/iplanet_cms_netscape.htm
http://www.iss.net/security_center/static/5422.php

Platforms Affected:
Netscape Directory Server: All Versions
iPlanet Certificate Management System 4.2
Recommendation Apply the latest patch for iPlanet Certificate Management System (4.2 SP1 or later), available from the iPlanet Downloads Web site, "Patches" at http://www.iplanet.com/downloads/patches/index.html
Related URL CVE-2000-1076 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)
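
To check web server logs for requests of the form described above, the following is an added example, not part of the original advisory or of any vendor tooling. It percent-decodes each request path, treats '\' as a path separator (an assumption about how the affected server resolves paths), and reports paths whose '..' segments climb above the web root; the log lines and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines (Common Log Format); not from a real server.
SAMPLE_LOG = r'''
192.0.2.10 - - [01/Jan/2001:10:00:00 +0000] "GET /ca/index.html HTTP/1.0" 200 512
192.0.2.44 - - [01/Jan/2001:10:00:05 +0000] "GET /ca/\../\../example/file.txt HTTP/1.0" 200 90
192.0.2.44 - - [01/Jan/2001:10:00:09 +0000] "GET /ca/%5c..%2f%5c..%2fexample/file.txt HTTP/1.0" 404 0
192.0.2.10 - - [01/Jan/2001:10:00:12 +0000] "GET /ca/docs/../index.html HTTP/1.0" 200 512
'''

REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
SEPARATORS = re.compile(r"[/\\]+")  # assumption: '\' is resolved like '/'

def decode_fully(text, max_rounds=3):
    """Percent-decode repeatedly so %5c and double-encoded %255c are both seen."""
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text

def classify(target):
    """Return None, 'dotdot-inside-root' or 'escapes-root' for a request target."""
    path = decode_fully(target.split("?", 1)[0])
    segments = [s for s in SEPARATORS.split(path) if s not in ("", ".")]
    if ".." not in segments:
        return None
    depth = 0
    for seg in segments:
        depth += -1 if seg == ".." else 1
        if depth < 0:  # climbed above the document root
            return "escapes-root"
    return "dotdot-inside-root"

def scan(log_text):
    """Return (client, target, verdict) for every log line that contains '..'."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        verdict = classify(match.group("target")) if match else None
        if verdict:
            hits.append((line.split()[0], match.group("target"), verdict))
    return hits

if __name__ == "__main__":
    for client, target, verdict in scan(SAMPLE_LOG):
        print(f"{verdict:20} {client:12} {target}")
```

A 200 response on an `escapes-root` line is the case to investigate first, since it suggests the file was served.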