CVE-2002-0202

2002-05-0304:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable oekakibbs.conf file, or (2) modify the server configuration via the world-writeable /oekaki/ folder.

References

online.securityfocus.com/archive/1/251985

www.iss.net/security_center/static/7982.php

www.securityfocus.com/bid/3948