CVE-2000-0431

critical

Description

Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.

References

http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000523100045.B11049%40HiWAAY.net

http://www.securityfocus.com/bid/1238

http://www.osvdb.org/1346

http://archives.neohapsis.com/archives/bugtraq/2000-05/0305.html

Details

Source: Mitre, NVD

Published: 2000-05-22

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

Detections

Analytics