CVE-2002-0920

Name of the Vulnerable Software and Affected Versions: CGIScript.net csPassword.cgi (affected versions not specified)

Description: The issue concerns the storage of sensitive data in a temporary file. Specifically, usernames and unencrypted passwords are stored in the password.cgi.tmp temporary file while data is being modified. This could potentially allow local users, and possibly remote attackers, to gain privileges by accessing the file before it has been processed.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.