Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5853

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5853
Last Modified 29 Jan 2009 02:00:29
Published 06 Jan 2009 12:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5853

Summary

Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups via a request for a backup/ URI.

Vulnerable Systems

Application

  • Chicomas 2.0.3

  • Chicomas 2.0.4


References

BUGTRAQ - 20081220 chicomas <=2.0.4 Multiple Vulnerabilities

MILW0RM - 7532

MISC - http://www.bugreport.ir/index_59.htm

SREASON - 4872

SECUNIA - 30080


Last Updated: 27 May 2016 10:48:57