Vulnerability Description
The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netscape | Enterprise Server | 3.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-01/0396.htmlExploitPatchVendor Advisory
- http://www.securityfocus.com/bid/2285ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5997
- http://archives.neohapsis.com/archives/bugtraq/2001-01/0396.htmlExploitPatchVendor Advisory
- http://www.securityfocus.com/bid/2285ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5997
FAQ
What is CVE-2001-0250?
CVE-2001-0250 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.
How severe is CVE-2001-0250?
CVE-2001-0250 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0250?
Check the references section above for vendor advisories and patch information. Affected products include: Netscape Enterprise Server.