Vulnerabilities > CVE-2002-0107 - Unspecified vulnerability in Cacheflow Cacheos

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

cacheflow

exploit available

NVD

Published: 2002-03-25

Updated: 2016-10-18

Summary

Web administration interface in CacheFlow CacheOS 4.0.13 and earlier allows remote attackers to obtain sensitive information via a series of GET requests that do not end in with HTTP/1.0 or another version string, which causes the information to be leaked in the error message.

Vulnerable Configurations

Part	Description	Count
Application	Cacheflow Cacheflow Cacheos 0.0 Cacheflow Cacheos 3.1.02 Cacheflow Cacheos 3.1.03 Cacheflow Cacheos 3.1.04 Cacheflow Cacheos 3.1.05 Cacheflow Cacheos 3.1.06 Cacheflow Cacheos 3.1.07 Cacheflow Cacheos 3.1.08 Cacheflow Cacheos 3.1.09 Cacheflow Cacheos 3.1.10 Cacheflow Cacheos 3.1.11 Cacheflow Cacheos 3.1.12 Cacheflow Cacheos 3.1.13 Cacheflow Cacheos 3.1.14 Cacheflow Cacheos 3.1.15 Cacheflow Cacheos 3.1.16 Cacheflow Cacheos 3.1.17 Cacheflow Cacheos 3.1.18 Cacheflow Cacheos 3.1.19 Cacheflow Cacheos 3.1.20 Cacheflow Cacheos 4.0.11 Cacheflow Cacheos 4.0.12 Cacheflow Cacheos 4.0.13	23

Exploit-Db

description	Cacheflow CacheOS 3.1/4.0 Web Administration Arbitrary Cached Page Code Leakage Vulnerability. CVE-2002-0107. Remote exploits for multiple platform
id	EDB-ID:21212
last seen	2016-02-02
modified	2002-01-08
published	2002-01-08
reporter	Bjorn Djupvik
source	https://www.exploit-db.com/download/21212/
title	Cacheflow CacheOS 3.1/4.0 Web Administration Arbitrary Cached Page Code Leakage Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References