CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.
References
Link | Resource |
---|---|
http://online.securityfocus.com/archive/1/274727 | |
http://www.iss.net/security_center/static/9223.php | Patch Vendor Advisory |
http://www.securityfocus.com/bid/4889 |
Configurations
History
No history.
Information
Published : 2002-10-04 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2002-0920
Mitre link : CVE-2002-0920
CVE.ORG link : CVE-2002-0920
JSON object : View
Products Affected
cgiscript.net
- cspassword
CWE