CVE-2001-0250

Netscape Enterprise Server <4.x - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0250. PoCs published by Security Research Team.

AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in Netscape Enterprise Server with Web Publishing enabled. By sending an INDEX request, unauthenticated users can retrieve directory listings from the server.

Description

The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Security Research Team · textremotemultiple
https://www.exploit-db.com/exploits/20591

This exploit demonstrates an information disclosure vulnerability in Netscape Enterprise Server with Web Publishing enabled. By sending an INDEX request, unauthenticated users can retrieve directory listings from the server.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Netscape Enterprise Server (version not specified)
No auth needed
Prerequisites: Netscape Enterprise Server with Web Publishing enabled
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-01/0396.html
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2285
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5997

Scores

EPSS 0.0341
EPSS Percentile 87.3%

Details

Status published
Products (2)
netscape/enterprise_server 3.0
netscape/enterprise_server 4.0
Published Jun 02, 2001
Tracked Since Feb 18, 2026