CVE-2002-2335

Sažetak

Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php.

Reference

http://online.securityfocus.com/archive/1/294208
http://www.iss.net/security_center/static/10315.php
http://www.securityfocus.com/bid/5905

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

05-09-2008 - 20:32

Objavljeno

31-12-2002 - 05:00