Novell NetWare Web Server sewse.nlm (viewcode.jse) Traversal Arbitrary File Access

Medium Nessus Plugin ID 12048

Synopsis

The remote web server contains a JavaScript application that is affected by an information disclosure vulnerability.

Description

The installed version of Nombas ScriptEase Web Server Edition for NetWare on the remote host fails to sanitize input to the 'sewse.nlm' page and associated 'viewcode.jse' script before using it to display the source code of a file.

By passing in a specially crafted URL argument, an attacker can view the contents of files, even files outside the web root. This can lead to disclosure of sensitive information from the affected host, such as the RCONSOLE password located in AUTOEXEC.NCF.

Solution

Remove all sample scripts from the web server.

See Also

http://www.irmplc.com/index.php/113-Advisory-002

http://seclists.org/bugtraq/2001/Dec/204

http://www.nessus.org/u?837eab78

Plugin Details

Severity: Medium

ID: 12048

File Name: novell_viewcode.nasl

Version: 1.22

Type: remote

Family: Netware

Published: 2004/02/06

Modified: 2018/08/22

Dependencies: 10107

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Exploit Available: false

Exploit Ease: No known exploits are available

Exploited by Nessus: true

Patch Publication Date: 2001/06/15

Vulnerability Publication Date: 2001/12/12

Reference Information

CVE: CVE-2001-1580

BID: 3715