CVE-2003-1553

Sažetak

Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory.

Reference

http://securityreason.com/securityalert/3780
http://www.securityfocus.com/archive/1/315504/30/25460/threaded
http://www.securityfocus.com/bid/7134
https://exchange.xforce.ibmcloud.com/vulnerabilities/11572

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

19-10-2018 - 15:29

Objavljeno

31-12-2003 - 05:00