Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2218

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-2218
Last Modified 05 Sep 2008 04:32:38
Published 31 Dec 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-2218

Summary

CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value.

Vulnerable Systems

Application

  • Sips


References

CONFIRM - http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?view=log

CONFIRM - http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?r1=1.13&r2=1.14


Last Updated: 27 May 2016 10:37:39