CVE-2002-0786

Name of the Vulnerable Software and Affected Versions: inJoin Directory Server version 4.0

Description: The issue allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter. This could potentially lead to unauthorized access to sensitive information.

Recommendations: For inJoin Directory Server version 4.0, consider restricting access to the LOG parameter to prevent arbitrary file reading until a patch is available. As a temporary workaround, limit the privileges of inJoin administrators to minimize the risk of exploitation.