Credentials Management Errors
CVE-2002-2389
Summary
TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files.
- LOW
- NETWORK
- NONE
- NONE
- PARTIAL
- NONE
CWE-255 - Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
References
Advisory Timeline
- Published