iPlanet Certificate Management System 4.2 - Directory Traversal

Author: CORE-SDI
type: remote
platform: windows
port: 
date_added: 2000-10-25  
date_updated: 2012-08-08  
verified: 1  
codes: CVE-2000-1075;OSVDB-486  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 20324.txt  

source: https://www.securityfocus.com/bid/1839/info


Acquiring access to known files outside of the web root is possible through directory traversal techniques in both iPlanet Certificate Management System (CMS). This is made possible through the use of "\../" in a HTTP request. The following services are affected by this vulnerability:

- The Agent services server on port 8100/tcp
- The End Entity services server on port 443/tcp (Accessible through SSL)
- The Administrator services server on a random port configured during installation.

https://target/ca/\../\../\../\file.ext