CVE-2002-2058 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Teekai	Tracking Online	1.0

Related Weaknesses (CWE)

CWE-327

References

http://online.securityfocus.com/archive/82/275246Broken LinkThird Party AdvisoryVDB Entry
http://www.iss.net/security_center/static/9286.phpBroken Link
http://www.securityfocus.com/bid/4926Broken LinkExploitThird Party Advisory
http://online.securityfocus.com/archive/82/275246Broken LinkThird Party AdvisoryVDB Entry
http://www.iss.net/security_center/static/9286.phpBroken Link
http://www.securityfocus.com/bid/4926Broken LinkExploitThird Party Advisory

FAQ

What is CVE-2002-2058?

CVE-2002-2058 is a vulnerability with a CVSS score of 7.5 (HIGH). TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash...

How severe is CVE-2002-2058?

CVE-2002-2058 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2002-2058?

Check the references section above for vendor advisories and patch information. Affected products include: Teekai Tracking Online.