Novell NetWare Web Server sewse.nlm (viewcode.jse) Traversal Arbitrary File Access

medium Nessus Plugin ID 12048

Language:

Synopsis

The remote web server contains a JavaScript application that is affected by an information disclosure vulnerability.

Description

The installed version of Nombas ScriptEase Web Server Edition for NetWare on the remote host fails to sanitize input to the 'sewse.nlm' page and associated 'viewcode.jse' script before using it to display the source code of a file.

By passing in a specially crafted URL argument, an attacker can view the contents of files, even files outside the web root. This can lead to disclosure of sensitive information from the affected host, such as the RCONSOLE password located in AUTOEXEC.NCF.

Solution

Remove all sample scripts from the web server.

See Also

http://www.irmplc.com/index.php/113-Advisory-002

https://seclists.org/bugtraq/2001/Dec/204

http://www.nessus.org/u?837eab78

Plugin Details

Severity: Medium

ID: 12048

File Name: novell_viewcode.nasl

Version: 1.24

Type: remote

Family: Netware

Published: 2/6/2004

Updated: 6/12/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Exploit Ease: No known exploits are available

Exploited by Nessus: true

Patch Publication Date: 6/15/2001

Vulnerability Publication Date: 12/12/2001

Reference Information

CVE: CVE-2001-1580

BID: 3715