CVE-2002-0203

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

t

tawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.

References

Link	Resource
http://marc.info/?l=bugtraq&m=101190195430376&w=2
http://www.tarantella.com/security/bulletin-03.html	Patch Vendor Advisory URL Repurposed
http://marc.info/?l=bugtraq&m=101190195430376&w=2
http://www.tarantella.com/security/bulletin-03.html	Patch Vendor Advisory URL Repurposed

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:tarantella:tarantella_enterprise:3.0:::::::*
	cpe:2.3:a:tarantella:tarantella_enterprise:3.10:::::::*
	cpe:2.3:a:tarantella:tarantella_enterprise:3.20:::::::*

History

20 Nov 2024, 23:38

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=101190195430376&w=2 -~~	() http://marc.info/?l=bugtraq&m=101190195430376&w=2 -
References	~~() http://www.tarantella.com/security/bulletin-03.html - Patch, Vendor Advisory, URL Repurposed~~	() http://www.tarantella.com/security/bulletin-03.html - Patch, Vendor Advisory, URL Repurposed

Information

Published : 2002-05-16 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2002-0203

Mitre link : CVE-2002-0203

CVE.ORG link : CVE-2002-0203

JSON object : View

Products Affected

tarantella_enterprise

CWE

NVD-CWE-Other

{"id": "CVE-2002-0203", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-05-16T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=101190195430376&w=2", "source": "[email protected]"}, {"url": "http://www.tarantella.com/security/bulletin-03.html", "tags": ["Patch", "Vendor Advisory", "URL Repurposed"], "source": "[email protected]"}, {"url": "http://marc.info/?l=bugtraq&m=101190195430376&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.tarantella.com/security/bulletin-03.html", "tags": ["Patch", "Vendor Advisory", "URL Repurposed"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter."}, {"lang": "es", "value": "ttawebpot.cgi en Tarantella Enterprise 3.20 en SPARC Solaris y Linux, y 3.1x y 3.0x incluyendo 3.11.903, permite atacantes remotos ver los contenidos del directorio mediante un par\u00e1metro pg vac\u00edo."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDA7723A-7057-4410-A6B9-885B10ACEE8D"}, {"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "680CCD63-BC37-4ED5-8CFF-B36D115F7D84"}, {"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}