Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1540

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1540
Last Modified 05 Sep 2008 04:37:12
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1540

Summary

WF-Chat 1.0 Beta stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain authentication information via a direct request to (1) !pwds.txt and (2) !nicks.txt.

Vulnerable Systems

Application

  • Wfchat 1.0


References

XF - wf-chat-plaintext-passwords(11571)

BID - 7147

BUGTRAQ - 20030319 WF-Chat

SECTRACK - 1006352

SECUNIA - 8396

SREASON - 3645


Last Updated: 27 May 2016 10:38:24