Lucene search

[email protected]NVD:CVE-2000-0688

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0688

2000-10-2004:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.024

Percentile

90.0%

JSON

Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.

Affected configurations

Nvd

Node

cgi_script_centersubscribe_me_liteMatch2.0

VendorProductVersionCPE
cgi_script_centersubscribe_me_lite2.0cpe:2.3:a:cgi_script_center:subscribe_me_lite:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cgi_script_center	subscribe_me_lite	2.0	cpe:2.3:a:cgi_script_center:subscribe_me_lite:2.0:::::::*

References

archives.neohapsis.com/archives/bugtraq/2000-08/0292.html

marc.info/?l=bugtraq&m=96722957421029&w=2

www.cgiscriptcenter.com/subscribe/

www.securityfocus.com/bid/1607

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.024

Percentile

90.0%

JSON

Related for NVD:CVE-2000-0688

cve1 exploitdb2 cvelist1