Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-1075

5 documents4 sources
Severity
5.0MEDIUM
EPSS
4.0%
top 11.55%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Netscape Directory ServerSUN Iplanet Certificate Management System
Timeline
PublishedDec 11
Latest updateApr 30

Description

Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-w468-9c9j-8x8w: Directory traversal vulnerability in iPlanet Certificate Management System 42022-04-30
CVEList
CVE-2000-1075: Directory traversal vulnerability in iPlanet Certificate Management System 42001-05-07

💥Exploits & PoCs

2
Exploit-DB
iPlanet Certificate Management System 4.2 - Directory Traversal2000-10-25
Exploit-DB
Netscape Directory Server 4.12 - Directory Server Directory Traversal2000-10-25
CVE-2000-1075 (MEDIUM CVSS 5) | Directory traversal vulnerability i | cvebase.io