The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html | |
http://www.aprelium.com/news/patch1033.html | |
http://www.iss.net/security_center/static/9957.php | Patch Vendor Advisory |
http://www.securityfocus.com/bid/5548 | Exploit Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-08-31T04:00:00
Updated: 2007-10-16T00:00:00
Reserved: 2002-08-30T00:00:00
Link: CVE-2002-1080
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-10-04T04:00:00.000
Modified: 2008-09-05T20:29:43.580
Link: CVE-2002-1080
JSON object: View
Redhat Information
No data.
CWE