12 lines
No EOL
772 B
Text
12 lines
No EOL
772 B
Text
source: http://www.securityfocus.com/bid/5828/info
|
|
|
|
A vulnerability has been reported for the Sun ONE Starter Kit 2.0 and ASTAware SearchDisc. The Starter Kit includes a search engine facility provided for easy information retrieval. The search engine included with the Starter Kit is a modified version of ASTAWare SearchDisc. Reportedly, the search engine is vulnerable to directory traversal attacks.
|
|
|
|
An attacker can use the information obtained through this manner to launch potentially destructive attacks against a vulnerable system.
|
|
|
|
This vulnerability affects both the Sun ONE Starter Kit and ASTAware SearchDisc.
|
|
|
|
http://target:6015/../../../../../
|
|
http://target:6016/../../../../../
|
|
http://SearchDisk:6017/etc/Password
|
|
http://SearchDisk:6017/etc/Root |