CVE Vulnerabilities

CVE-2002-0920

Published: Oct 04, 2002 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.

Affected Software

Name Vendor Start Version End Version
Cspassword Cgiscript.net 1.0 (including) 1.0 (including)

References