Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 6.4
CVE Id CVE-2002-0462
Last Modified 05 Sep 2008 04:28:05
Published 12 Aug 2002 12:00:00
Confidentiality Impact PARTIAL
Integrity Impact NONE
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0462

Summary

bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone Module) 1.1.08 and earlier allows remote attackers to cause a denial of service (CPU consumption) or obtain the absolute path of the web server via a displayBegin parameter with a very large number, which leaks the web path in an error message when PHP safe_mode is enabled, or consumes resources when safe_mode is not enabled.

Vulnerable Systems

Application

  • Big Sam 1.1.08


References

BID - 4312

XF - bigsam-safemode-path-disclosure(8479)

XF - bigsam-displaybegin-dos(8478)

BUGTRAQ - 20020318 [ARL02-A11] Big Sam (Built-In Guestbook Stand-Alone Module) Multiple Vulnerabilities

CONFIRM - http://www.gezzed.net/bigsam/bigsam.1_1_12.php.txt

OSVDB - 5288

OSVDB - 5287


Last Updated: 27 May 2016 10:36:54