Lucene search

[email protected]NVD:CVE-2002-0921

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0921

2002-10-0404:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.009

Percentile

83.2%

JSON

CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an invalid database, which leaks the information in error messages.

Affected configurations

Nvd

Node

cgiscript.netcsnewsMatch1.0

cgiscript.netcsnewsMatch1.0_professional

VendorProductVersionCPE
cgiscript.netcsnews1.0cpe:2.3:a:cgiscript.net:csnews:1.0:*:*:*:*:*:*:*
cgiscript.netcsnews1.0_professionalcpe:2.3:a:cgiscript.net:csnews:1.0_professional:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cgiscript.net	csnews	1.0	cpe:2.3:a:cgiscript.net:csnews:1.0:::::::*
cgiscript.net	csnews	1.0_professional	cpe:2.3:a:cgiscript.net:csnews:1.0_professional:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-06/0091.html

www.iss.net/security_center/static/9331.php

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.009

Percentile

83.2%

JSON

Related for NVD:CVE-2002-0921

cve1 cvelist1