exploitDog

CVE-2002-0920

Опубликовано: 04 окт. 2002

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.

Ссылки

http://online.securityfocus.com/archive/1/274727
http://www.iss.net/security_center/static/9223.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4889
http://online.securityfocus.com/archive/1/274727
http://www.iss.net/security_center/static/9223.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4889

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cgiscript.net:cspassword:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00638

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8gp3-9ghw-c8p7

github

почти 4 года назад

CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.

EPSS

Процентиль: 70%

0.00638

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other