Lucene search

[email protected]CVE-2002-0773

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0773

2002-08-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-0773

imp_rootdir.asp

hosting controller

remote attackers

file copy

file delete

parameter modification

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.021 Low

EPSS

Percentile

89.1%

JSON

imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath.

CPENameOperatorVersion
hosting_controller:hosting_controllerhosting controllereq1.1
hosting_controller:hosting_controllerhosting controllereq1.3
hosting_controller:hosting_controllerhosting controllereq1.4b
hosting_controller:hosting_controllerhosting controllereq1.4.1
hosting_controller:hosting_controllerhosting controllereq1.4

CPE	Name	Operator	Version
hosting_controller:hosting_controller	hosting controller	eq	1.1
hosting_controller:hosting_controller	hosting controller	eq	1.3
hosting_controller:hosting_controller	hosting controller	eq	1.4b
hosting_controller:hosting_controller	hosting controller	eq	1.4.1
hosting_controller:hosting_controller	hosting controller	eq	1.4

References

archives.neohapsis.com/archives/bugtraq/2002-05/0142.html

www.iss.net/security_center/static/9105.php

www.securityfocus.com/bid/4761

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.021 Low

EPSS

Percentile

89.1%

JSON

Related for CVE-2002-0773

cvelist1