Lucene search

K
ubuntucveUbuntu.comUB:CVE-2008-1291
HistoryMar 24, 2008 - 12:00 a.m.

CVE-2008-1291

2008-03-2400:00:00
ubuntu.com
ubuntu.com
12

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.006

Percentile

79.4%

ViewVC before 1.0.5 stores sensitive information under the web root with
insufficient access control, which allows remote attackers to read files
and list folders under the hidden CVSROOT folder.

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.006

Percentile

79.4%