ID CVE-2002-0203
Summary ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:tarantella:tarantella_enterprise:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:tarantella:tarantella_enterprise:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*
    cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*
  • cpe:2.3:a:tarantella:tarantella_enterprise:3.10:*:*:*:*:*:*:*
    cpe:2.3:a:tarantella:tarantella_enterprise:3.10:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 14-02-2024 - 01:17)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bugtraq 20020124 ISSTW Security Advisory Tarantella Enterprise 3.11.903 Directory Index Disclosure Vulnerability
confirm http://www.tarantella.com/security/bulletin-03.html
Last major update 14-02-2024 - 01:17
Published 16-05-2002 - 04:00
Last modified 14-02-2024 - 01:17
Back to Top