Lucene search

[email protected]CVE-2002-1629

HistoryMar 26, 2005 - 5:00 a.m.

CVE-2002-1629

2005-03-2605:00:00

[email protected]

web.nvd.nist.gov

multi-tech

proxyserver

null password

remote attackers

administrative privileges

telnet

http

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.7%

JSON

Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP.

Affected configurations

NVD

Node

multi-techproxyserverMatchmtpsr1100

multi-techproxyserverMatchmtpsr1120

multi-techproxyserverMatchmtpsr1202st

multi-techproxyserverMatchmtpsr2201

multi-techproxyserverMatchmtpsr3200

CPENameOperatorVersion
multi-tech:proxyservermulti-tech proxyservereqmtpsr1
multi-tech:proxyservermulti-tech proxyservereqmtpsr2
multi-tech:proxyservermulti-tech proxyservereqmtpsr3

CPE	Name	Operator	Version
multi-tech:proxyserver	multi-tech proxyserver	eq	mtpsr1
multi-tech:proxyserver	multi-tech proxyserver	eq	mtpsr2
multi-tech:proxyserver	multi-tech proxyserver	eq	mtpsr3

References

archives.neohapsis.com/archives/bugtraq/2002-12/0105.html

www.kb.cert.org/vuls/id/495705

www.securityfocus.com/bid/7203

exchange.xforce.ibmcloud.com/vulnerabilities/10845

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.7%

JSON

Related for CVE-2002-1629

cvelist1 nessus1 nvd1