Vulnerabilities > CVE-2003-0162 - Unspecified vulnerability in Ecartis 1.0.0Snapshot20021013

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ecartis

nessus

NVD

Published: 2003-04-02

Updated: 2024-11-20

Summary

Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.

Vulnerable Configurations

Part	Description	Count
Application	Ecartis Ecartis Ecartis 1.0.0_Snapshot_2002-10-13	1

Nessus

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-271.NASL
description	A problem has been discovered in ecartis, a mailing list manager, formerly known as listar. This vulnerability enables an attacker to reset the password of any user defined on the list server, including the list admins.
last seen	2020-06-01
modified	2020-06-02
plugin id	15108
published	2004-09-29
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/15108
title	Debian DSA-271-1 : ecartis - unauthorized password change

NASL family	CGI abuses
NASL id	ECARTIS_HIDDEN_USERNAME.NASL
description	The remote host is running the Ecartis Mailing List Manager web interface (lsg2.cgi). According to its version number, there is a vulnerability that allows an authenticated user to change anyone
last seen	2020-06-01
modified	2020-06-02
plugin id	11505
published	2003-03-30
reporter	This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/11505
title	Ecartis HTML Field Manipulation Arbitrary User Password Reset

Summary

Vulnerable Configurations

Nessus

References