PT-2002-2085 · Aprelium · Abyss Web Server
Published
2002-08-31
·
Updated
2008-09-05
·
CVE-2002-1080
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Abyss Web Server version 1.0.3 before Patch 2
Description:
The issue allows remote attackers to gain privileges and modify server configuration via direct requests to certain files, including
srvstatus.chl, consport.chl, general.chl, srvparam.chl, and advanced.chl.Recommendations:
For Abyss Web Server version 1.0.3, apply Patch 2 to resolve the issue. As a temporary workaround, consider restricting access to the mentioned
.chl files to minimize the risk of exploitation.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Abyss Web Server