Novell NetWare Web Server sewse.nlm (viewcode.jse) Traversal Arbitrary File Access

This script is Copyright (C) 2002-2016 David Kyger


Synopsis :

The remote web server contains a JavaScript application that is
affected by an information disclosure vulnerability.

Description :

The installed version of Nombas ScriptEase Web Server Edition for
NetWare on the remote host fails to sanitize input to the 'sewse.nlm'
page and associated 'viewcode.jse' script before using it to display
the source code of a file.

By passing in a specially crafted URL argument, an attacker can view
the contents of files, even files outside the web root. This can lead
to disclosure of sensitive information from the affected host, such as
the RCONSOLE password located in AUTOEXEC.NCF.

See also :

http://www.irmplc.com/index.php/113-Advisory-002
http://seclists.org/bugtraq/2001/Dec/204
http://www.nessus.org/u?837eab78

Solution :

Remove all sample scripts from the web server.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:ND)
Public Exploit Available : true

Family: Netware

Nessus Plugin ID: 12048

Bugtraq ID: 3715

CVE ID: CVE-2001-1580
