Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0215

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0215
Last Modified 10 Sep 2008 08:00:43
Published 16 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0215

Summary

Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.

Vulnerable Systems

Application

  • Steve Kneizys Agora.cgi 3.2

  • Steve Kneizys Agora.cgi 3.2a

  • Steve Kneizys Agora.cgi 3.2b

  • Steve Kneizys Agora.cgi 3.2c

  • Steve Kneizys Agora.cgi 3.2d

  • Steve Kneizys Agora.cgi 3.2e

  • Steve Kneizys Agora.cgi 3.2f

  • Steve Kneizys Agora.cgi 3.2g

  • Steve Kneizys Agora.cgi 3.2h

  • Steve Kneizys Agora.cgi 3.2i

  • Steve Kneizys Agora.cgi 3.2j

  • Steve Kneizys Agora.cgi 3.2ja

  • Steve Kneizys Agora.cgi 3.2k

  • Steve Kneizys Agora.cgi 3.2l

  • Steve Kneizys Agora.cgi 3.2m

  • Steve Kneizys Agora.cgi 3.2n

  • Steve Kneizys Agora.cgi 3.2p

  • Steve Kneizys Agora.cgi 3.2q

  • Steve Kneizys Agora.cgi 3.2r

  • Steve Kneizys Agora.cgi 3.3a

  • Steve Kneizys Agora.cgi 3.3b

  • Steve Kneizys Agora.cgi 3.3c

  • Steve Kneizys Agora.cgi 3.3d

  • Steve Kneizys Agora.cgi 3.3e

  • Steve Kneizys Agora.cgi 3.3f

  • Steve Kneizys Agora.cgi 3.3i

  • Steve Kneizys Agora.cgi 3.3j

  • Steve Kneizys Agora.cgi 4.0

  • Steve Kneizys Agora.cgi 4.0a

  • Steve Kneizys Agora.cgi 4.0b

  • Steve Kneizys Agora.cgi 4.0c

  • Steve Kneizys Agora.cgi 4.0d

  • Steve Kneizys Agora.cgi 4.0e


References

XF - agora-cgi-revel-path(8011)

BUGTRAQ - 20020128 [SUPERPETZ ADVISORY #001 - agora.cgi Secret Path Disclosure Vulnerability]

BID - 3976


Last Updated: 27 May 2016 10:36:50