Vulnerability Name: | CVE-2002-0918 (CCN-9221) | ||||||||
Assigned: | 2002-05-29 | ||||||||
Published: | 2002-05-29 | ||||||||
Updated: | 2008-09-05 | ||||||||
Summary: | CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Obtain Information | ||||||||
References: | Source: CCN Type: BugTraq Mailing List, Wed May 29 2002 - 17:16:28 CDT CGIscript.net - csPassword.cgi - Multiple Vulnerabilities Source: MITRE Type: CNA CVE-2002-0918 Source: BUGTRAQ Type: UNKNOWN 20020529 CGIscript.net - csPassword.cgi - Multiple Vulnerabilities Source: CCN Type: CGIScript.net Web site CGI Script.net - Contact Us Source: XF Type: Patch, Vendor Advisory cgiscript-cspassword-information-disclosure(9221) Source: CCN Type: OSVDB ID: 14499 CGIScript.net csPassword.cgi Debug Message Path Disclosure Source: BID Type: Exploit, Patch, Vendor Advisory 4887 Source: CCN Type: BID-4887 CGIScript.net csPassword.CGI Information Disclosure Vulnerability Source: XF Type: UNKNOWN cgiscript-cspassword-information-disclosure(9221) | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
BACK |