CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-0133

The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.5%

CVSS Severity

CVSS v2 Score 10.0

References

http://archives.neohapsis.com/archives/bugtraq/2001-01/0235.html
http://www.securityfocus.com/bid/2212
http://archives.neohapsis.com/archives/bugtraq/2001-01/0235.html
http://www.securityfocus.com/bid/2212

Products affected by CVE-2001-0133

Trend Micro » Interscan Viruswall » Version: Any

cpe:2.3:a:trend_micro:interscan_viruswall:*
Trend Micro » Interscan Viruswall » Version: 3.0.1

cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0133

Products

Pricing

Contact Us