CVE-2002-2389

TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files.
Configurations

Configuration 1 (hide)

cpe:2.3:a:fastlink_software:the_server:1.74:*:*:*:*:*:*:*

History

No history.

Information

Published : 2002-12-31 05:00

Updated : 2024-02-04 16:31


NVD link : CVE-2002-2389

Mitre link : CVE-2002-2389

CVE.ORG link : CVE-2002-2389


JSON object : View

Products Affected

fastlink_software

  • the_server
CWE
CWE-255

Credentials Management Errors