CyberSec.Space Logo
返回 CVE 浏览器

CVE-2002-0539

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1390%
EPSS Percentile16.39th
Published2002年7月3日
Last Modified2026年4月16日

Vulnerability Description

Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.

Affected Platforms (CPE)

📦
Demarc Security

Puresecure

= 1.0.5_for_unix
📦
Demarc Security

Puresecure

= 1.0.5_for_windows

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0168.html
🔗 http://online.securityfocus.com/archive/1/267941
🔗 http://www.iss.net/security_center/static/8854.php
🔗 http://www.osvdb.org/5239
🔗 http://www.securityfocus.com/bid/4520
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0168.html
🔗 http://online.securityfocus.com/archive/1/267941
🔗 http://www.iss.net/security_center/static/8854.php

相关漏洞威胁

CVE-2003-03407.5

Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login...

CVE-2002-000510.0

Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary...

CVE-2002-000710.0

CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a re...

CVE-2002-001210.0

Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges v...