CVE-2002-0203

ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://marc.info/?l=bugtraq&m=101190195430376&w=2
http://www.tarantella.com/security/bulletin-03.html	Patch Vendor Advisory URL Repurposed
http://marc.info/?l=bugtraq&m=101190195430376&w=2
http://www.tarantella.com/security/bulletin-03.html	Patch Vendor Advisory URL Repurposed

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:tarantella:tarantella_enterprise:3.0:::::::*
	cpe:2.3:a:tarantella:tarantella_enterprise:3.10:::::::*
	cpe:2.3:a:tarantella:tarantella_enterprise:3.20:::::::*

History

20 Nov 2024, 23:38

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=101190195430376&w=2 -~~	() http://marc.info/?l=bugtraq&m=101190195430376&w=2 -
References	~~() http://www.tarantella.com/security/bulletin-03.html - Patch, Vendor Advisory, URL Repurposed~~	() http://www.tarantella.com/security/bulletin-03.html - Patch, Vendor Advisory, URL Repurposed

14 Feb 2024, 01:17

Type	Values Removed	Values Added
References	~~() http://www.tarantella.com/security/bulletin-03.html - Patch, Vendor Advisory~~	() http://www.tarantella.com/security/bulletin-03.html - Patch, Vendor Advisory, URL Repurposed

Information

Published : 2002-05-16 04:00

Updated : 2024-11-20 23:38

NVD link : CVE-2002-0203

Mitre link : CVE-2002-0203

CVE.ORG link : CVE-2002-0203

JSON object : View

Products Affected

tarantella

tarantella_enterprise

CWE

NVD-CWE-Other

{"id": "CVE-2002-0203", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-05-16T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=101190195430376&w=2", "source": "cve@mitre.org"}, {"url": "http://www.tarantella.com/security/bulletin-03.html", "tags": ["Patch", "Vendor Advisory", "URL Repurposed"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=101190195430376&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.tarantella.com/security/bulletin-03.html", "tags": ["Patch", "Vendor Advisory", "URL Repurposed"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter."}, {"lang": "es", "value": "ttawebpot.cgi en Tarantella Enterprise 3.20 en SPARC Solaris y Linux, y 3.1x y 3.0x incluyendo 3.11.903, permite atacantes remotos ver los contenidos del directorio mediante un par\u00e1metro pg vac\u00edo."}], "lastModified": "2024-11-20T23:38:32.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDA7723A-7057-4410-A6B9-885B10ACEE8D"}, {"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "680CCD63-BC37-4ED5-8CFF-B36D115F7D84"}, {"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}