CVE-2002-1410

Sažetak

Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-07/0356.html
http://www.iss.net/security_center/static/9697.php
http://www.securityfocus.com/bid/5341

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

05-09-2008 - 20:30

Objavljeno

11-04-2003 - 04:00