LocalWeb2000 Remote Read Network Vulnerability

Summary

The remote host is running LocalWeb2000. Version 2.1.0 of LocalWeb2000 allows an attacker to view protected files on the host's computer. Example: http://www.vulnerableserver.com/./protectedfolder/protectedfile.htm It may also disclose the NetBIOS name of the remote host when it receives malformed directory requests.

Solution

Contact http://www.intranet-server.co.uk for an update.

Severity

Classification

CVE CVE-2001-0189
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Avotus mm File Retrieval attempt
WebLogic Server /%00/ bug
Mailman private.py Directory Traversal Vulnerability
Anaconda Double NULL Encoded Remote File Retrieval
Music Daemon File Disclosure

LocalWeb2000 remote read

Take action and discover your vulnerabilities