Lucene search
HistorySep 01, 2004 - 4:00 a.m.
CVE-2002-1390
geneweb
daemon
security vulnerability
remote attack
file disclosure
cve-2002-1390
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.3%
The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL.
Affected configurations
Node
genewebgenewebMatch4.05
ORgenewebgenewebMatch4.06
ORgenewebgenewebMatch4.07
ORgenewebgenewebMatch4.08
| CPE | Name | Operator | Version |
|---|---|---|---|
| geneweb:geneweb | geneweb | eq | 4.05 |
| geneweb:geneweb | geneweb | eq | 4.06 |
| geneweb:geneweb | geneweb | eq | 4.07 |
| geneweb:geneweb | geneweb | eq | 4.08 |
Related
osv
osv
geneweb - information exposure
2003-01-07 00:00:00
debiancve
debiancve
CVE-2002-1390
2004-09-01 04:00:00
openvas
openvas
Debian Security Advisory DSA 223-1 (geneweb)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-223)
2008-01-17 00:00:00
nvd
nvd
CVE-2002-1390
2003-01-17 05:00:00
nessus
nessus
Debian DSA-223-1 : geneweb - information exposure
2004-09-29 00:00:00
debian
debian
[SECURITY] [DSA 223-1] New geneweb packages fix information exposure
2003-01-07 15:27:45
[SECURITY] [DSA 223-1] New geneweb packages fix information exposure
2003-01-07 15:27:45
securityvulns
securityvulns
[SECURITY] [DSA 223-1] New geneweb packages fix information exposure
2003-01-08 00:00:00
cvelist
cvelist
CVE-2002-1390
2004-09-01 04:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.3%
Related for CVE-2002-1390