Vulnerability Description
04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Soft3304 | 04Webserver | 1.42 |
References
- http://marc.info/?l=bugtraq&m=110012542615484&w=2
- http://marc.info/?l=bugtraq&m=110054395311823&w=2
- http://secunia.com/advisories/13159/Vendor Advisory
- http://www.security.org.sg/vuln/04webserver142.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/11652ExploitPatch
- http://www.soft3304.net/04WebServer/Security.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18034
- http://marc.info/?l=bugtraq&m=110012542615484&w=2
- http://marc.info/?l=bugtraq&m=110054395311823&w=2
- http://secunia.com/advisories/13159/Vendor Advisory
- http://www.security.org.sg/vuln/04webserver142.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/11652ExploitPatch
- http://www.soft3304.net/04WebServer/Security.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18034
FAQ
What is CVE-2004-1513?
CVE-2004-1513 is a vulnerability with a CVSS score of 5.0 (MEDIUM). 04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries.
How severe is CVE-2004-1513?
CVE-2004-1513 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1513?
Check the references section above for vendor advisories and patch information. Affected products include: Soft3304 04Webserver.