1. CVE-Search
  2. CVE-2002-0112
ID CVE-2002-0112
Summary Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.
References
Vulnerable Configurations
  • cpe:2.3:a:etype:eserv:2.92:*:*:*:*:*:*:*
    cpe:2.3:a:etype:eserv:2.92:*:*:*:*:*:*:*
  • cpe:2.3:a:etype:eserv:2.93:*:*:*:*:*:*:*
    cpe:2.3:a:etype:eserv:2.93:*:*:*:*:*:*:*
  • cpe:2.3:a:etype:eserv:2.94:*:*:*:*:*:*:*
    cpe:2.3:a:etype:eserv:2.94:*:*:*:*:*:*:*
  • cpe:2.3:a:etype:eserv:2.95:*:*:*:*:*:*:*
    cpe:2.3:a:etype:eserv:2.95:*:*:*:*:*:*:*
  • cpe:2.3:a:etype:eserv:2.95_beta2:*:*:*:*:*:*:*
    cpe:2.3:a:etype:eserv:2.95_beta2:*:*:*:*:*:*:*
  • cpe:2.3:a:etype:eserv:2.96:*:*:*:*:*:*:*
    cpe:2.3:a:etype:eserv:2.96:*:*:*:*:*:*:*
  • cpe:2.3:a:etype:eserv:2.97:*:*:*:*:*:*:*
    cpe:2.3:a:etype:eserv:2.97:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-10-2016 - 02:16)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 3838
bugtraq
  • 20020109 Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability
  • 20020111 Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability (Solution)
ntbugtraq 20020109 Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability
vulnwatch 20020109 Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability
xf eserv-protected-file-access(7849)
Last major update 18-10-2016 - 02:16
Published 25-03-2002 - 05:00
Last modified 18-10-2016 - 02:16
Back to Top