Vulnerabilities > CVE-2002-0513 - Unspecified vulnerability in Symatec Popper MOD 1.0/1.2/1.2.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN symatec
nessus
Summary
The PHP administration script in popper_mod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Nessus
NASL family | CGI abuses |
NASL id | POPPER_MOD.NASL |
description | It is possible to administrate the remote popper_mod CGI by requesting the /admin directory directly. An attacker may use this flaw to obtain the passwords of your users. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11334 |
published | 2003-03-09 |
reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11334 |
title | popper_mod PHP Administration Script Authentication Bypass |
code |
|