Vulnerabilities > CVE-2002-0310 - Unspecified vulnerability in Netwin Webnews

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

netwin

NVD

Published: 2002-05-31

Updated: 2024-11-20

Summary

Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.

Vulnerable Configurations

Part	Description	Count
Application	Netwin Netwin Webnews 1.1I Netwin Webnews 1.1H Netwin Webnews 1.1J Netwin Webnews 1.1K	4

References

http://marc.info/?l=bugtraq&m=101432236729631&w=2
http://marc.info/?l=bugtraq&m=101432236729631&w=2
http://www.securityfocus.com/bid/4156
http://www.securityfocus.com/bid/4156
https://exchange.xforce.ibmcloud.com/vulnerabilities/8255
https://exchange.xforce.ibmcloud.com/vulnerabilities/8255