Lucene search
HistoryDec 06, 2001 - 5:00 a.m.
CVE-2001-0839
cve-2001-0839
ibill
weak password
password guessing
.htpasswd file
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.033 Low
EPSS
Percentile
91.3%
ibillpm.pl in iBill password management system generates weak passwords based on a client’s MASTER_ACCOUNT, which allows remote attackers to modify account information in the .htpasswd file via brute force password guessing.
Affected configurations
Node
ibill_internet_billing_companyprocessing_plus
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibill_internet_billing_company:processing_plus | ibill internet billing company processing plus | eq | * |
Related
openvas
openvas
ibillpm.pl
2005-11-03 00:00:00
ibillpm.pl
2005-11-03 00:00:00
nvd
nvd
CVE-2001-0839
2001-12-06 05:00:00
cvelist
cvelist
CVE-2001-0839
2001-11-22 05:00:00
nessus
nessus
iBill ibillpm.pl Password Generation Weakness
2002-08-18 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.033 Low
EPSS
Percentile
91.3%
Related for CVE-2001-0839