Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5601


Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5601
Last Modified 29 Jan 2009 01:59:38
Published 16 Dec 2008 02:07:32
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



User Engine Lite ASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users.mdb.

Vulnerable Systems


  • Robs-projects Asp User Engine Nil


MILW0RM - 7338

SREASON - 4758

SECUNIA - 32993

OSVDB - 50439

Last Updated: 27 May 2016 10:48:51