Lucene search

[email protected]NVD:CVE-2003-1386

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1386

2003-12-3105:00:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.034

Percentile

91.6%

JSON

AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server’s /var/log/messages file.

Affected configurations

Nvd

Node

axis2400_video_serverMatch2.0

axis2400_video_serverMatch2.20

axis2400_video_serverMatch2.31

axis2400_video_serverMatch2.32

axis2400_video_serverMatch2.33

axis2401_video_serverMatch2.20

axis2401_video_serverMatch2.31

axis2401_video_serverMatch2.32

axis2401_video_serverMatch2.33

VendorProductVersionCPE
axis2400_video_server2.0cpe:2.3:h:axis:2400_video_server:2.0:*:*:*:*:*:*:*
axis2400_video_server2.20cpe:2.3:h:axis:2400_video_server:2.20:*:*:*:*:*:*:*
axis2400_video_server2.31cpe:2.3:h:axis:2400_video_server:2.31:*:*:*:*:*:*:*
axis2400_video_server2.32cpe:2.3:h:axis:2400_video_server:2.32:*:*:*:*:*:*:*
axis2400_video_server2.33cpe:2.3:h:axis:2400_video_server:2.33:*:*:*:*:*:*:*
axis2401_video_server2.20cpe:2.3:h:axis:2401_video_server:2.20:*:*:*:*:*:*:*
axis2401_video_server2.31cpe:2.3:h:axis:2401_video_server:2.31:*:*:*:*:*:*:*
axis2401_video_server2.32cpe:2.3:h:axis:2401_video_server:2.32:*:*:*:*:*:*:*
axis2401_video_server2.33cpe:2.3:h:axis:2401_video_server:2.33:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
axis	2400_video_server	2.0	cpe:2.3:h:axis:2400_video_server:2.0:::::::*
axis	2400_video_server	2.20	cpe:2.3:h:axis:2400_video_server:2.20:::::::*
axis	2400_video_server	2.31	cpe:2.3:h:axis:2400_video_server:2.31:::::::*
axis	2400_video_server	2.32	cpe:2.3:h:axis:2400_video_server:2.32:::::::*
axis	2400_video_server	2.33	cpe:2.3:h:axis:2400_video_server:2.33:::::::*
axis	2401_video_server	2.20	cpe:2.3:h:axis:2401_video_server:2.20:::::::*
axis	2401_video_server	2.31	cpe:2.3:h:axis:2401_video_server:2.31:::::::*
axis	2401_video_server	2.32	cpe:2.3:h:axis:2401_video_server:2.32:::::::*
axis	2401_video_server	2.33	cpe:2.3:h:axis:2401_video_server:2.33:::::::*

References

archives.neohapsis.com/archives/bugtraq/2003-02/0377.html

archives.neohapsis.com/archives/bugtraq/2003-03/0370.html

www.securityfocus.com/bid/6980

www.websec.org/adv/axis2400.txt.html

exchange.xforce.ibmcloud.com/vulnerabilities/11440

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.034

Percentile

91.6%

JSON

Related for NVD:CVE-2003-1386

cve1 cvelist1 nessus1 exploitdb1