Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1149

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1149
Last Modified 10 Sep 2008 03:13:57
Published 11 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1149

Summary

The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings.

Vulnerable Systems

Application

  • Invision Power Services Invision Board 1.0

  • Invision Power Services Invision Board 1.0.1


References

BID - 5789

OSVDB - 3356

XF - invision-phpinfo-information-disclosure(10178)

BUGTRAQ - 20020924 Information Disclosure with Invision Board installation (fwd)


Last Updated: 27 May 2016 10:37:12