Lucene search

[email protected]CVE-2004-1103

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1103

2005-01-1005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-1103

mailpost

remote attack

information disclosure

web server

vulnerability

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.6%

JSON

MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to gain sensitive information via the debug parameter, which reveals information such as the path to the web root and the web server version.

CPENameOperatorVersion
tips:mailposttips mailposteq5.1.1_sv

CPE	Name	Operator	Version
tips:mailpost	tips mailpost	eq	5.1.1_sv

References

www.kb.cert.org/vuls/id/858726

www.procheckup.com/security_info/vuln_pr0409.html

www.securityfocus.com/bid/11595

exchange.xforce.ibmcloud.com/vulnerabilities/17952

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.6%

JSON