Lucene search

[email protected]NVD:CVE-2002-2389

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-2389

2002-12-3105:00:00

CWE-255

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.011

Percentile

84.7%

JSON

TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files.

Affected configurations

Nvd

Node

fastlink_softwarethe_serverMatch1.74

VendorProductVersionCPE
fastlink_softwarethe_server1.74cpe:2.3:a:fastlink_software:the_server:1.74:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fastlink_software	the_server	1.74	cpe:2.3:a:fastlink_software:the_server:1.74:::::::*

References

lists.grok.org.uk/pipermail/full-disclosure/2002-July/000138.html

securitytracker.com/id?1004799

www.iss.net/security_center/static/9624.php

www.securityfocus.com/archive/1/295325

www.securityfocus.com/bid/5250

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.011

Percentile

84.7%

JSON

Related for NVD:CVE-2002-2389

openvas2 cvelist1 nessus1 cve1