PT-2003-1258 · Sun · Sun One Starter Kit

Published: 2003-03-18 · Updated: 2008-09-05 · CVE-2002-1525

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Sun ONE Starter Kit version 2.0

Description

A directory traversal issue exists in the ASTAware SearchDisk engine, allowing remote attackers to read arbitrary files. This can be achieved through a .. (dot dot) attack on ports 6015 or 6016, or by sending an absolute pathname to port 6017.

Recommendations

For Sun ONE Starter Kit version 2.0, restrict access to ports 6015, 6016, and 6017 to minimize the risk of exploitation. As a temporary workaround, consider disabling the ASTAware SearchDisk engine until a patch is available.
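
The description names two input shapes, a .. sequence and an absolute pathname, and a file-serving component has to reject both. The following is an added example, not code from Sun or ASTAware: the function names, the docroot layout and the sample requests are all constructed for illustration. It compares a join-and-normalise resolver with one that canonicalises the path and then checks containment under the document root.

```python
import os
import tempfile

def naive_resolve(root, requested):
    # Weak pattern: join and normalise, with no containment check afterwards.
    return os.path.normpath(os.path.join(root, requested))

def guarded_resolve(root, requested):
    """Return the canonical path if it stays under root, else raise PermissionError."""
    root_real = os.path.realpath(root)
    # realpath collapses ".." and follows symlinks. os.path.join drops root_real
    # entirely when `requested` is absolute, so containment is checked afterwards.
    candidate = os.path.realpath(os.path.join(root_real, requested))
    try:
        inside = os.path.commonpath([root_real, candidate]) == root_real
    except ValueError:  # e.g. paths on different drives on Windows
        inside = False
    if not inside:
        raise PermissionError(f"outside document root: {requested!r}")
    return candidate

def is_allowed(root, requested):
    try:
        guarded_resolve(root, requested)
        return True
    except PermissionError:
        return False

def run_demo():
    """Build a throwaway tree; return {label: (naive_escapes_root, guarded_allows)}."""
    results = {}
    with tempfile.TemporaryDirectory() as top:
        top = os.path.realpath(top)
        root = os.path.join(top, "docroot")          # hypothetical document root
        os.makedirs(os.path.join(root, "sub"))
        secret = os.path.join(top, "secret.txt")     # sits outside docroot
        for path in (os.path.join(root, "index.html"), secret):
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
        # Constructed requests: two benign, two dot-dot, one absolute pathname.
        requests = {"benign": "index.html", "benign_dotdot": "sub/../index.html",
                    "dotdot": "../secret.txt", "nested": "sub/../../secret.txt",
                    "absolute": secret}
        for label, req in requests.items():
            escapes = not naive_resolve(root, req).startswith(root + os.sep)
            results[label] = (escapes, is_allowed(root, req))
    return results

if __name__ == "__main__":
    for label, outcome in run_demo().items():
        print(label, outcome)
```
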


Related Identifiers: CVE-2002-1525

Affected Products: Sun One Starter Kit