Lucene search

[email protected]CVE-2003-0268

HistoryMay 27, 2003 - 4:00 a.m.

CVE-2003-0268

2003-05-2704:00:00

[email protected]

web.nvd.nist.gov

cve-2003-0268

slwebmail

windows

remote attackers

server path disclosure

dll

webmailreq.dll

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.7%

JSON

SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via invalid requests to DLLs such as WebMailReq.dll, which reveals the path in an error message.

Affected configurations

NVD

Node

bvrp_softwareslwebmailMatch3.0

CPENameOperatorVersion
bvrp_software:slwebmailbvrp software slwebmaileq3.0

CPE	Name	Operator	Version
bvrp_software:slwebmail	bvrp software slwebmail	eq	3.0

References

marc.info/?l=bugtraq&m=105232436210273&w=2

marc.info/?l=ntbugtraq&m=105233363721919&w=2

www.nextgenss.com/advisories/slwebmail-vulns.txt

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.7%

JSON

Related for CVE-2003-0268

nvd1 cvelist1 nessus1