CVE-2004-1603

Опубликовано: 18 окт. 2004

Источник: nvd

CVSS3: 5.5

CVSS2: 5

EPSS Низкий

Описание

cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled.

Ссылки

http://marc.info/?l=bugtraq&m=109811572123753&w=2
Mailing List
http://marc.info/?l=bugtraq&m=109811654104208&w=2
Mailing List
http://secunia.com/advisories/12865
Broken Link
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11449
Broken Link
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://www.securityfocus.com/bid/11455
Broken Link
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17779
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/17780
Third Party Advisory
VDB Entry
http://marc.info/?l=bugtraq&m=109811572123753&w=2
Mailing List
http://marc.info/?l=bugtraq&m=109811654104208&w=2
Mailing List
http://secunia.com/advisories/12865
Broken Link
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11449
Broken Link
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://www.securityfocus.com/bid/11455
Broken Link
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17779
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/17780
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cpanel:cpanel:9.4.1:*:*:*:*:*:*:*

EPSS

Процентиль: 32%

0.00122

Низкий

5.5 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-59

Связанные уязвимости

GHSA-8cvx-3rg5-x9j3