Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2002-2389
Description:TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2002-2389
BugTraq ID: 5250
http://www.securityfocus.com/bid/5250
Bugtraq: 20021014 TheServer log file access password in cleartext w/vendor resolution. (Google Search)
http://www.securityfocus.com/archive/1/295325
http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000138.html
http://securitytracker.com/id?1004799
XForce ISS Database: fastlink-theserver-plaintext-passwords(9624)
http://www.iss.net/security_center/static/9624.php




© 1998-2024 E-Soft Inc. All rights reserved.