Lucene search

[email protected]NVD:CVE-2002-0918

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0918

2002-10-0404:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.881

Percentile

98.7%

JSON

CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a “remove” option in the command parameter, which generates an error.

Affected configurations

Nvd

Node

cgiscript.netcspasswordMatch1.0

VendorProductVersionCPE
cgiscript.netcspassword1.0cpe:2.3:a:cgiscript.net:cspassword:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cgiscript.net	cspassword	1.0	cpe:2.3:a:cgiscript.net:cspassword:1.0:::::::*

References

online.securityfocus.com/archive/1/274727

www.iss.net/security_center/static/9221.php

www.securityfocus.com/bid/4887

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.881

Percentile

98.7%

JSON

Related for NVD:CVE-2002-0918

cve1 cvelist1 exploitdb1