Bug: Openforum Remote password Disclosure ( Ascii Version )

Search:
WLB2

Openforum Remote password Disclosure

Published
Credit
Risk
2007.01.05
Aria-security Team
Low
CWE
CVE
Local
Remote
N/A
CVE-2007-0076
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

#<Aria-Security Team>
#<Happy New Year!!>
#<Aria-Security.com For English>
#<Aria-Security.net For Parsi>
#Discovered: Aria-Security Team
#Vendor: http://www.2enetworx.com/dev/projects/openforum.asp
#Risk: Low
#Type:Remote (Password Disclosure)
#PoC:
#
#http://TARGET/path/openforum.mdb
#
#Contact: advisory (at) aria-security (dot) net [email concealed]

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version