Vulnerability Details CVE-2004-1513
04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=110012542615484&w=2
- http://marc.info/?l=bugtraq&m=110054395311823&w=2
- http://secunia.com/advisories/13159/
- http://www.security.org.sg/vuln/04webserver142.html
- http://www.securityfocus.com/bid/11652
- http://www.soft3304.net/04WebServer/Security.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18034
- http://marc.info/?l=bugtraq&m=110012542615484&w=2
- http://marc.info/?l=bugtraq&m=110054395311823&w=2
- http://secunia.com/advisories/13159/
- http://www.security.org.sg/vuln/04webserver142.html
- http://www.securityfocus.com/bid/11652
- http://www.soft3304.net/04WebServer/Security.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18034
Products affected by CVE-2004-1513
-
cpe:2.3:a:soft3304:04webserver:1.42