CVE-2002-0917

CVE-2002-0917

EPSS 2.4%

CGIScript.net csPassword.cgi stores .htpasswd files under the web document root, which could allow remote authenticated users to download the file and crack the passwords of other users.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://online.securityfocus.com/archive/1/274727 http://www.iss.net/security_center/static/9220.php http://www.securityfocus.com/bid/4885