mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
128 lines
4.0 KiB
JSON
128 lines
4.0 KiB
JSON
{
|
|
"id": "CVE-2002-0066",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2002-04-22T04:00:00.000",
|
|
"lastModified": "2025-04-03T01:03:51.193",
|
|
"vulnStatus": "Deferred",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Funk Software Proxy Host 3.x anterior a 3.09a crea un tuber\u00eda con nombre (Named Pipe) que no requiere autentificaci\u00f3n y se instala con control de acceso inseguro, lo que permite a usuarios locales y posiblemente remotos usar las utilidades de configuraci\u00f3n del Proxy Host y ganar privilegios."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"baseScore": 7.5,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": true,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bindview:netrc:1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "760DB974-6B4A-4A09-9B4F-201456DE9136"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bindview:netrc:3.06:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AD26D34A-F8C0-4C74-A825-6B59DA0C12D8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:funk_software:funk_software_proxy:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8ECA01B9-A163-4069-8CBA-C6D019B4DB66"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:funk_software:funk_software_proxy:3.06:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C4F701BB-4525-42A7-80AF-51D127A836B5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:funk_software:funk_software_proxy:3.09:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FC126FFF-687F-41AA-BC77-E577D05B4BB8"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://razor.bindview.com/publish/advisories/adv_FunkProxy.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.iss.net/security_center/static/8793.php",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/4460",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://razor.bindview.com/publish/advisories/adv_FunkProxy.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.iss.net/security_center/static/8793.php",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/4460",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |