Lucene search

[email protected]NVD:CVE-2004-1219

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1219

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.006

Percentile

77.9%

JSON

paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote attackers to read the administrator’s password hash and conduct brute force password guessing attacks by listing the contents of the sessions directory and reading the associated file for the administrator session.

Affected configurations

Nvd

Node

php_arenapafiledbMatch3.1

VendorProductVersionCPE
php_arenapafiledb3.1cpe:2.3:a:php_arena:pafiledb:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php_arena	pafiledb	3.1	cpe:2.3:a:php_arena:pafiledb:3.1:::::::*

References

echo.or.id/adv/adv09-y3dips-2004.txt

marc.info/?l=bugtraq&m=110245123927025&w=2

www.securityfocus.com/bid/11818

exchange.xforce.ibmcloud.com/vulnerabilities/18364

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.006

Percentile

77.9%

JSON

Related for NVD:CVE-2004-1219

nessus3 cvelist1 cve1