Vulnerabilities > CVE-2002-2175 - Unspecified vulnerability in PHP PHPsquidpass

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

php

NVD

Published: 2002-12-31

Updated: 2016-10-18

Summary

phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username.

Vulnerable Configurations

Part	Description	Count
Application	Php PHP Phpsquidpass *	1

References

http://sourceforge.net/forum/forum.php?forum_id=188359
http://www.iss.net/security_center/static/9417.php
http://www.securityfocus.com/bid/5090
http://marc.info/?l=bugtraq&m=102508071021631&w=2