CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2002-0539

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1390%
EPSS Percentile16.39th
Published2002年7月3日
Last Modified2026年4月16日

Vulnerability Description

Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.

Affected Platforms (CPE)

📦
Demarc Security

Puresecure

= 1.0.5_for_unix
📦
Demarc Security

Puresecure

= 1.0.5_for_windows

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0168.html
🔗 http://online.securityfocus.com/archive/1/267941
🔗 http://www.iss.net/security_center/static/8854.php
🔗 http://www.osvdb.org/5239
🔗 http://www.securityfocus.com/bid/4520
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0168.html
🔗 http://online.securityfocus.com/archive/1/267941
🔗 http://www.iss.net/security_center/static/8854.php

相關漏洞威脅

CVE-2003-03407.5

Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login...

CVE-2002-090110.0

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to exec...

CVE-2002-103410.0

none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument.

CVE-2002-095110.0

SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence...