Lucene search

[email protected]CVE-2000-0431

HistoryMay 22, 2000 - 4:00 a.m.

CVE-2000-0431

2000-05-2204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cobalt raq2

cobalt raq3

access permissions

file modification

security breach

6.7 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.5%

JSON

Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.

CPENameOperatorVersion
sun:cobalt_raq_3isun cobalt raq 3ieq*
sun:cobalt_raq_2sun cobalt raq 2eq*

CPE	Name	Operator	Version
sun:cobalt_raq_3i	sun cobalt raq 3i	eq	*
sun:cobalt_raq_2	sun cobalt raq 2	eq	*

References

archives.neohapsis.com/archives/bugtraq/2000-05/0305.html

www.osvdb.org/1346

www.securityfocus.com/bid/1238

www.securityfocus.com/templates/archive.pike?list=1&msg=20000523100045.B11049%40HiWAAY.net

6.7 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.5%

JSON

Related for CVE-2000-0431

openvas1 nessus1