漏洞类别:Web server漏洞等级: 
漏洞信息
Netscape Enterprise Server is industrial-strength Web server software that enables organizations to publish content and deploy network-centric applications.
By requesting a specially crafted command via a telnet port, a malicious user can cause the Netscape Enterprise Server to display it's directory structure.
Note: In order to exploit this vulnerability, Web Publishing must be enabled.
漏洞危害
Successful exploitation of this vulnerability may result in the disclosure of the directory listing of the server.
解决方案
The Security Research Team (security@relaygroup.com) provided the following workaround:
Disable Web Publishing or disable INDEX request, which will likely break the Web publishing feature.
0day
文章评论