Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1990

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1990
Last Modified 05 Sep 2008 04:42:53
Published 03 Mar 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1990

Summary

Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request.

Vulnerable Systems

Application

  • Aldo Vargas Aldos Web Server 1.5


References

XF - aweb-path-disclosure(16047)

BID - 10262

MISC - http://www.oliverkarow.de/research/AldosWebserverMultipleVulns.txt

SECUNIA - 11542

BUGTRAQ - 20040503 Multible_Vulnerabilites_in_Aldos_Webserver

OSVDB - 5880


Last Updated: 27 May 2016 10:39:16