Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1213

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-1213
Last Modified 05 Sep 2008 04:36:20
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1213

Summary

The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.

Vulnerable Systems

Application

  • Maxwebportal 1.30


References

BID - 7837

BUGTRAQ - 20030606 Critical Vulnerabilities In Max Web Portal

XF - maxwebportal-database-access(12279)

SECUNIA - 8979


Last Updated: 27 May 2016 10:38:16