Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0776

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0776
Last Modified 05 Sep 2008 04:28:55
Published 12 Aug 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0776

Summary

getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.

Vulnerable Systems

Application

  • Hosting Controller 2002


References

BUGTRAQ - 20020713 Hosting Controller Vulnerability

CONFIRM - http://hostingcontroller.com/english/logs/sp2log.html

BID - 5229

XF - hosting-controller-password-modification(9554)


Last Updated: 27 May 2016 10:37:04