Lucene search
MitreCVE-2001-1044HistoryFeb 02, 2002 - 5:00 a.m.
CVE-2001-1044
2002-02-0205:00:00
mitre
web.nvd.nist.gov
33
cve-2001-1044
basilix webmail
information leakage
remote access
mysql
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.028
Percentile
90.7%
Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
Affected configurations
Node
basilixbasilix_webmailMatch0.9.7_beta
| Vendor | Product | Version | CPE |
|---|---|---|---|
| basilix | basilix_webmail | 0.9.7_beta | cpe:2.3:a:basilix:basilix_webmail:0.9.7_beta:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2001-1044
2002-02-02 05:00:00
nessus
nessus
Basilix Webmail .class / .inc Direct Request Remote Information Disclosure
2001-01-25 00:00:00
exploitdb
exploitdb
Basilix Webmail 0.9.7 - Incorrect File Permissions
2001-01-11 00:00:00
nvd
nvd
CVE-2001-1044
2001-01-11 05:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.028
Percentile
90.7%
Related for CVE-2001-1044