Vulnerabilities > CVE-2002-0544 - Unspecified vulnerability in Aprelium Technologies Abyss web Server 1.0

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
aprelium-technologies
exploit available
NVD
Published: 2002-07-03
Updated: 2008-09-05

Summary

Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.

Vulnerable Configurations

Part Description Count
Application
Aprelium_Technologies
1

Exploit-Db

descriptionAbyss Web Server 1.0 File Disclosure Vulnerability. CVE-2002-0543,CVE-2002-0544. Remote exploit for windows platform
idEDB-ID:21367
last seen2016-02-02
modified2002-04-07
published2002-04-07
reporterJeremy Roberts
sourcehttps://www.exploit-db.com/download/21367/
titleAbyss Web Server 1.0 File Disclosure Vulnerability

References