Novell NetBasic Scripting Server Encoded Traversal Arbitrary File Access
Medium Nessus Plugin ID 12050
SynopsisThe remote host is vulnerable to information disclosure.
DescriptionNovell Netbasic Scripting Server Directory Traversal
It is possible to escape out of the root directory of the scripting server by substituting a forward or backward slash for %5C. As a result, system information, such as environment and user information, could be obtained from the NetWare server.
SolutionApply the relevant patch and remove all default files from their respective directories.