Lucene search

K
cve[email protected]CVE-2004-1990
HistoryMay 10, 2005 - 4:00 a.m.

CVE-2004-1990

2005-05-1004:00:00
web.nvd.nist.gov
21
cve-2004-1990
aldo's web server
aweb
remote attackers
sensitive information disclosure

7.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.038 Low

EPSS

Percentile

91.9%

Aldo’s Web Server (aweb) 1.5 allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request.

Affected configurations

NVD
Node
aldo_vargasaldos_web_serverMatch1.5

7.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.038 Low

EPSS

Percentile

91.9%

Related for CVE-2004-1990