CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0539

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1390%
EPSS Percentile16.39th
PublishedJul 3, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.

Affected Platforms (CPE)

πŸ“¦
Demarc Security

Puresecure

= 1.0.5_for_unix
πŸ“¦
Demarc Security

Puresecure

= 1.0.5_for_windows

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2002-04/0168.html
πŸ”— http://online.securityfocus.com/archive/1/267941
πŸ”— http://www.iss.net/security_center/static/8854.php
πŸ”— http://www.osvdb.org/5239
πŸ”— http://www.securityfocus.com/bid/4520
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2002-04/0168.html
πŸ”— http://online.securityfocus.com/archive/1/267941
πŸ”— http://www.iss.net/security_center/static/8854.php

Related Vulnerabilities

CVE-2003-03407.5

Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login...

CVE-2002-039410.0

Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force ...

CVE-2002-135910.0

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause ...

CVE-2002-039510.0

The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the ...