Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0107

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0107
Last Modified 05 Sep 2008 04:27:11
Published 25 Mar 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0107

Summary

Web administration interface in CacheFlow CacheOS 4.0.13 and earlier allows remote attackers to obtain sensitive information via a series of GET requests that do not end in with HTTP/1.0 or another version string, which causes the information to be leaked in the error message.

Vulnerable Systems

Application

  • Cacheflow Cacheos 0.0

  • Cacheflow Cacheos 3.1.02

  • Cacheflow Cacheos 3.1.03

  • Cacheflow Cacheos 3.1.04

  • Cacheflow Cacheos 3.1.05

  • Cacheflow Cacheos 3.1.06

  • Cacheflow Cacheos 3.1.07

  • Cacheflow Cacheos 3.1.08

  • Cacheflow Cacheos 3.1.09

  • Cacheflow Cacheos 3.1.10

  • Cacheflow Cacheos 3.1.11

  • Cacheflow Cacheos 3.1.12

  • Cacheflow Cacheos 3.1.13

  • Cacheflow Cacheos 3.1.14

  • Cacheflow Cacheos 3.1.15

  • Cacheflow Cacheos 3.1.16

  • Cacheflow Cacheos 3.1.17

  • Cacheflow Cacheos 3.1.18

  • Cacheflow Cacheos 3.1.19

  • Cacheflow Cacheos 3.1.20

  • Cacheflow Cacheos 4.0.11

  • Cacheflow Cacheos 4.0.12

  • Cacheflow Cacheos 4.0.13


References

BID - 3841

XF - cachos-insecure-web-interface(7835)

BUGTRAQ - 20020205 RE: svindel.net security advisory - web admin vulnerability in Ca cheOS

BUGTRAQ - 20020108 svindel.net security advisory - web admin vulnerability in CacheOS


Last Updated: 27 May 2016 10:36:46