Vulnerability Details CVE-2002-1437
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.06
EPSS Ranking 90.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0202.html
- http://support.novell.com/servlet/tidfinder/2963307
- http://www.iss.net/security_center/static/9915.php
- http://www.securityfocus.com/bid/5522
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0202.html
- http://support.novell.com/servlet/tidfinder/2963307
- http://www.iss.net/security_center/static/9915.php
- http://www.securityfocus.com/bid/5522