CyberSec.Space Logo
Back to CVE Browser

CVE-2001-1252

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0640%
EPSS Percentile26.30th
PublishedSep 28, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs (1) console, (2) cs, (3) multi_config and (4) directory.

Affected Platforms (CPE)

πŸ“¦
Pgp

Keyserver

= 7.0
πŸ“¦
Pgp

Keyserver

= 7.0.1

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-09/0230.html
πŸ”— http://www.iss.net/security_center/static/7203.php
πŸ”— http://www.osvdb.org/1955
πŸ”— http://www.osvdb.org/4193
πŸ”— http://www.pgp.com/support/product-advisories/keyserver.asp
πŸ”— http://www.securityfocus.com/bid/3375
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-09/0230.html
πŸ”— http://www.iss.net/security_center/static/7203.php

Related Vulnerabilities

CVE-2005-19249.3

The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell m...

CVE-2015-08398.1

The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrar...

CVE-2003-09787.5

Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 an...

CVE-2019-130507.5

Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to...