Lucene search

[email protected]CVE-2004-1878

HistoryMay 10, 2005 - 4:00 a.m.

CVE-2004-1878

2005-05-1004:00:00

[email protected]

web.nvd.nist.gov

linbox

lin:box

cve-2004-1878

authentication bypass

sensitive information leakage

remote exploitation

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a direct request to admin/user.pl preceded by // (double leading slash).

Affected configurations

NVD

Node

linbit_technologieslinbox_officeserver

CPENameOperatorVersion
linbit_technologies:linbox_officeserverlinbit technologies linbox officeservereq*

CPE	Name	Operator	Version
linbit_technologies:linbox_officeserver	linbit technologies linbox officeserver	eq	*

References

marc.info/?l=bugtraq&m=108067245401673&w=2

secunia.com/advisories/11264

www.securityfocus.com/bid/10010

www.websec.org/adv/linbit.txt.html

exchange.xforce.ibmcloud.com/vulnerabilities/15677

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

Related for CVE-2004-1878

cvelist1 nvd1