5
CVE-2002-2389
- EPSS 1.9%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:12
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginTheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fastlink Software ≫ The Server Version1.74
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.9% | 0.77 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000138.html
http://securitytracker.com/id?1004799
http://www.iss.net/security_center/static/9624.php
http://www.securityfocus.com/archive/1/295325
http://www.securityfocus.com/bid/5250