Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2335

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-2335
Last Modified 05 Sep 2008 04:32:57
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-2335

Summary

Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php.

Vulnerable Systems

Application

  • John Drake Killer Protection 1.0


References

BID - 5905

XF - killer-protection-vars-password(10315)

BUGTRAQ - 20021006 phpSecurePages & Killer Protection ( PHP )


Last Updated: 27 May 2016 10:37:42