1.0Professional

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

cgiscript-net

NVD

Published: 2002-10-04

Updated: 2024-11-20

Summary

CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an invalid database, which leaks the information in error messages.

Vulnerable Configurations

Part	Description	Count
Application	Cgiscript.Net Cgiscript.Net Csnews 1.0 Cgiscript.Net Csnews 1.0_Professional	2

References

http://archives.neohapsis.com/archives/bugtraq/2002-06/0091.html
http://archives.neohapsis.com/archives/bugtraq/2002-06/0091.html
http://www.iss.net/security_center/static/9331.php
http://www.iss.net/security_center/static/9331.php