Lucene search
HistoryJan 17, 2003 - 5:00 a.m.
CVE-2002-1390
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.3%
The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL.
Affected configurations
Node
genewebgenewebMatch4.05
ORgenewebgenewebMatch4.06
ORgenewebgenewebMatch4.07
ORgenewebgenewebMatch4.08
Related
openvas
openvas
Debian Security Advisory DSA 223-1 (geneweb)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-223)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 223-1] New geneweb packages fix information exposure
2003-01-07 15:27:45
[SECURITY] [DSA 223-1] New geneweb packages fix information exposure
2003-01-07 15:27:45
cve
cve
CVE-2002-1390
2004-09-01 04:00:00
nessus
nessus
Debian DSA-223-1 : geneweb - information exposure
2004-09-29 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 223-1] New geneweb packages fix information exposure
2003-01-08 00:00:00
cvelist
cvelist
CVE-2002-1390
2004-09-01 04:00:00
osv
osv
geneweb - information exposure
2003-01-07 00:00:00
debiancve
debiancve
CVE-2002-1390
2004-09-01 04:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.3%
Related for NVD:CVE-2002-1390