Vulnerability Description
The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aprelium Technologies | Abyss Web Server | 1.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html
- http://www.aprelium.com/news/patch1033.html
- http://www.iss.net/security_center/static/9957.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/5548ExploitPatchVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html
- http://www.aprelium.com/news/patch1033.html
- http://www.iss.net/security_center/static/9957.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/5548ExploitPatchVendor Advisory
FAQ
What is CVE-2002-1080?
CVE-2002-1080 is a vulnerability with a CVSS score of 7.5 (HIGH). The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.c...
How severe is CVE-2002-1080?
CVE-2002-1080 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1080?
Check the references section above for vendor advisories and patch information. Affected products include: Aprelium Technologies Abyss Web Server.