ID OSVDB:4107Type osvdbReporter OSVDBModified 2004-02-28T08:39:46
Description
Solution Description
Upgrade to build 2004.0.04.0303 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
References:
Vendor URL: http://www.software602.com/
Secunia Advisory ID:11007
Related OSVDB ID: 6932
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107799540630302&w=2
ISS X-Force ID: 15350
CVE-2004-0336
Bugtraq ID: 9781
{"type": "osvdb", "published": "2004-02-28T08:39:46", "href": "https://vulners.com/osvdb/OSVDB:4107", "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/", "score": 5.0}, "viewCount": 6, "edition": 1, "reporter": "OSVDB", "title": "602Pro LAN SUITE Web Mail Login Form Installation Path Disclosure", "affectedSoftware": [], "enchantments": {"score": {"value": 5.9, "vector": "NONE", "modified": "2017-04-28T13:19:58", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2004-0336"]}], "modified": "2017-04-28T13:19:58", "rev": 2}, "vulnersScore": 5.9}, "references": [], "id": "OSVDB:4107", "lastseen": "2017-04-28T13:19:58", "cvelist": ["CVE-2004-0336"], "modified": "2004-02-28T08:39:46", "description": "## Solution Description\nUpgrade to build 2004.0.04.0303 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://www.software602.com/\n[Secunia Advisory ID:11007](https://secuniaresearch.flexerasoftware.com/advisories/11007/)\n[Related OSVDB ID: 6932](https://vulners.com/osvdb/OSVDB:6932)\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107799540630302&w=2\nISS X-Force ID: 15350\n[CVE-2004-0336](https://vulners.com/cve/CVE-2004-0336)\nBugtraq ID: 9781\n"}
{"cve": [{"lastseen": "2021-02-02T05:22:58", "description": "LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory.", "edition": 4, "cvss3": {}, "published": "2004-11-23T05:00:00", "title": "CVE-2004-0336", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0336"], "modified": "2017-10-10T01:30:00", "cpe": ["cpe:/a:software602:602pro_lan_suite:2002", "cpe:/a:software602:602pro_lan_suite:2003"], "id": "CVE-2004-0336", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0336", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:software602:602pro_lan_suite:2003:*:*:*:*:*:*:*", "cpe:2.3:a:software602:602pro_lan_suite:2002:*:*:*:*:*:*:*"]}]}
