Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0537

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-0537
Last Modified 05 Sep 2008 04:28:17
Published 03 Jul 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0537

Summary

The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.

Vulnerable Systems

Application

  • Stepweb Sws 2.5


References

BID - 4503

BUGTRAQ - 20020411 SWS Vuln (small but important to those using it.)

XF - sws-insecure-admin-page(8849)


Last Updated: 27 May 2016 10:36:57