CVE-2002-1581
MailReader.com 2.3.x - 'NPH-MR.cgi' File Disclosure
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter.
Vulnerabilidad de atravesamiento de directorios en nph-mr.cgi en Mailreader.com 2.3.20 a 2.3.31 permite a atacantes remotos ver ficheros de su elección mediante secuencias .. (punto punto) y un byte nulo (%00) en el parámetro configLanguage
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2002-10-28 First Exploit
- 2004-06-30 CVE Reserved
- 2004-07-06 CVE Published
- 2024-01-12 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://mailreader.com/download/ChangeLog | X_refsource_confirm |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/21966 | 2002-10-28 | |
| http://www.securityfocus.com/archive/1/297428 | 2024-08-08 | |
| http://www.securityfocus.com/bid/6055 | 2024-08-08 |
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2004/dsa-534 | 2011-03-08 | |
| http://www.iss.net/security_center/static/10490.php | 2011-03-08 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.20 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.20" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.21 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.21" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.22 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.22" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.23 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.23" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.24 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.24" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.25 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.25" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.26 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.26" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.27 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.27" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.28 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.28" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.29 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.29" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.30 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.30" | - |
Affected
| ||||||
| Mailreader.com Search vendor "Mailreader.com" | Mailreader.com Search vendor "Mailreader.com" for product "Mailreader.com" | 2.3.31 Search vendor "Mailreader.com" for product "Mailreader.com" and version "2.3.31" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 3.0 Search vendor "Debian" for product "Debian Linux" and version "3.0" | - |
Affected
| ||||||