|
|
Family: Netware --> Category: infos
Novell Netbasic Scripting Server Directory Traversal Vulnerability Scan
Vulnerability Scan Summary
Checks for Novell Netbasic Scripting Server Directory Traversal Vulnerability
Detailed Explanation for this Vulnerability Test
Novell Netbasic Scripting Server Directory Traversal
It is possible to escape out of the root directory of the scripting server by
substituting a forward or backward slash for %5C. As a result, system
information, such as environment and user information, could be obtained from
the Netware server.
Example: http://server/nsn/..%5Cutil/userlist.bas
Solution : Apply the relevant patch and remove all default files from their
respective directories.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|
