Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0689

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2000-0689
Last Modified 05 Sep 2008 04:21:38
Published 20 Oct 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0689

Summary

Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.

Vulnerable Systems

Application

  • Cgi Script Center Account Manager Lite 1.0

  • Cgi Script Center Account Manager Pro 1.0


References

BID - 1604

CONFIRM - http://www.cgiscriptcenter.com/acctlite/

BUGTRAQ - 20000823 Account Manager CGI Vulnerability

XF - account-manager-overwrite-password(5125)

OSVDB - 13341


Last Updated: 27 May 2016 10:35:50