Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4013

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4013
Last Modified 07 Mar 2011 09:27:33
Published 05 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4013

Summary

PHP Web Statistik 1.4 stores the stat.cfg file under the web root with insufficient access control, which allows remote attackers to obtain sensitive information such as statistics and the log directory location, possibly including the logdb.dta file.

Vulnerable Systems

Application

  • Php Web Statistik 1.4


References

MISC - http://www.ush.it/2005/11/19/php-web-statistik/

XF - phpwebstatistik-stat-logdb-obtain-info(23382)

VUPEN - ADV-2005-2645

OSVDB - 21210

OSVDB - 21209

SECUNIA - 17789

MISC - http://freewebstat.com/changelog-english.html

BUGTRAQ - 20051128 Php Web Statistik Multiple Vulnerabilities


Last Updated: 27 May 2016 10:41:08