CVE-2002-0917

Sažetak

CGIScript.net csPassword.cgi stores .htpasswd files under the web document root, which could allow remote authenticated users to download the file and crack the passwords of other users.

Reference

http://online.securityfocus.com/archive/1/274727
http://www.iss.net/security_center/static/9220.php
http://www.securityfocus.com/bid/4885

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

05-09-2008 - 20:29

Objavljeno

04-10-2002 - 04:00