CVE-2002-2389

TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files...

TheServer Detection

Checks whether TheServer is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU...

CVE-2002-2389

The CVE-2002-2389 entry concerns TheServer 1.74 web server. The vulnerability arises from storing server.ini under the web document root with insufficient access control, enabling remote attackers to read cleartext passwords and access server log files. This is corroborated by multiple connected ...

CVE-2002-2389

TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files...

TheServer clear text password

We were able to read the server.ini file It may contain sensitive information like clear text passwords. This flaw is known to affect TheServer. OpenVAS Vulnerability Test $Id: theservercleartext.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: TheServer clear text password Authors: Michel...

TheServer server.ini Direct Request Plaintext Credentials Disclosure

We were able to read the server.ini file. It may contain sensitive information like plaintext passwords. This flaw is known to affect TheServer. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: Date: Mon, 14 Oct 2002 14:50:02 -0400 EDT From: "Larry W. Cashdollar" To:...

CVE-2002-2389

TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files...