exploitDog

CVE-2003-1297

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2003-10/0083.html
Exploit
http://www.osvdb.org/23794
Exploit
Patch
http://www.osvdb.org/23795
Exploit
Patch
http://archives.neohapsis.com/archives/bugtraq/2003-10/0083.html
Exploit
http://www.osvdb.org/23794
Exploit
Patch
http://www.osvdb.org/23795
Exploit
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:efs_software:efs_web_server:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00408

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-x367-6564-4q6f

github

почти 4 года назад

Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files.

EPSS

Процентиль: 61%

0.00408

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other