Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1390

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1390
Last Modified 10 Sep 2008 03:14:27
Published 17 Jan 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1390

Summary

The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL.

Vulnerable Systems

Application

  • Geneweb 4.05

  • Geneweb 4.06

  • Geneweb 4.07

  • Geneweb 4.08


References

DEBIAN - DSA-223

CONFIRM - http://cristal.inria.fr/~ddr/GeneWeb/en/version/4.09.html

XF - geneweb-absolute-information-disclosure(11021)

BID - 6549


Last Updated: 27 May 2016 10:37:18