Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0839

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0839
Last Modified 05 Sep 2008 04:25:02
Published 06 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0839

Summary

ibillpm.pl in iBill password management system generates weak passwords based on a client's MASTER_ACCOUNT, which allows remote attackers to modify account information in the .htpasswd file via brute force password guessing.

Vulnerable Systems

Application

  • Ibill Internet Billing Company Processing Plus


References

XF - ibillpm-cgi-insecure-password(7352)

BID - 3476

BUGTRAQ - 20011025 Weak authentication in iBill's Password Management CGI


Last Updated: 27 May 2016 10:36:25