PT-2002-1927 · Cgiscript.Net · Cgiscript.Net Cspassword.Cgi
Published
2002-08-31
·
Updated
2008-09-05
·
CVE-2002-0917
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
CGIScript.net csPassword.cgi (affected versions not specified)
Description:
The issue concerns the storage of .htpasswd files under the web document root by CGIScript.net csPassword.cgi, potentially allowing remote authenticated users to download the file and crack the passwords of other users.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cgiscript.Net Cspassword.Cgi