CVEブラウザに戻る

CVE-2002-0537

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1510%

EPSS Percentile29.55th

Published2002年7月3日

Last Modified2026年4月16日

Vulnerability Description

The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.

Affected Platforms (CPE)

📦

Stepweb

Sws

= 2.5

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0148.html

🔗 http://www.iss.net/security_center/static/8849.php

🔗 http://www.securityfocus.com/bid/4503

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0148.html

🔗 http://www.iss.net/security_center/static/8849.php

🔗 http://www.securityfocus.com/bid/4503

関連する脆弱性情報

CVE-2008-43899.3

Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which...

CVE-2014-16497.9

The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sen...

CVE-2002-18707.5

Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle when the recv function call fails, which may allow remote att...

CVE-2006-21147.5

Buffer overflow in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via a long request.