Vulnerability Details CVE-2002-0066
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://razor.bindview.com/publish/advisories/adv_FunkProxy.html
- http://www.iss.net/security_center/static/8793.php
- http://www.securityfocus.com/bid/4460
- http://razor.bindview.com/publish/advisories/adv_FunkProxy.html
- http://www.iss.net/security_center/static/8793.php
- http://www.securityfocus.com/bid/4460
Products affected by CVE-2002-0066
-
cpe:2.3:a:bindview:netrc:1.0
-
cpe:2.3:a:bindview:netrc:3.06
-
cpe:2.3:a:funk_software:funk_software_proxy:3.0
-
cpe:2.3:a:funk_software:funk_software_proxy:3.06
-
cpe:2.3:a:funk_software:funk_software_proxy:3.09