Vulnerability Details CVE-2002-1080
The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html
- http://www.aprelium.com/news/patch1033.html
- http://www.iss.net/security_center/static/9957.php
- http://www.securityfocus.com/bid/5548
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html
- http://www.aprelium.com/news/patch1033.html
- http://www.iss.net/security_center/static/9957.php
- http://www.securityfocus.com/bid/5548
Products affected by CVE-2002-1080
-
cpe:2.3:a:aprelium_technologies:abyss_web_server:1.0
-
cpe:2.3:a:aprelium_technologies:abyss_web_server:1.0.3