CVE-2000-0689

Sažetak

Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-08/0291.html
http://www.cgiscriptcenter.com/acctlite/
http://www.osvdb.org/13341
http://www.securityfocus.com/bid/1604
https://exchange.xforce.ibmcloud.com/vulnerabilities/5125

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:29

Objavljeno

20-10-2000 - 04:00