CVE-2004-1990

Опубликовано: 03 мар. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request.

Ссылки

http://marc.info/?l=bugtraq&m=108360629031227&w=2
http://secunia.com/advisories/11542
Exploit
Vendor Advisory
http://www.oliverkarow.de/research/AldosWebserverMultipleVulns.txt
Exploit
Vendor Advisory
http://www.osvdb.org/5880
http://www.securityfocus.com/bid/10262
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16047
http://marc.info/?l=bugtraq&m=108360629031227&w=2
http://secunia.com/advisories/11542
Exploit
Vendor Advisory
http://www.oliverkarow.de/research/AldosWebserverMultipleVulns.txt
Exploit
Vendor Advisory
http://www.osvdb.org/5880
http://www.securityfocus.com/bid/10262
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16047

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aldo_vargas:aldos_web_server:1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00916

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8c59-r54h-654w

github

почти 4 года назад