Vulnerability CVE-2003-1379
Published: 2003-12-31   Modified: 2012-02-12

Description:
clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals 'ifconfig' information, (4) P, which lists the processes, (5) Y, which reveals the snort log files, or (6) b, which reveals /var/log/messages.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Point clark networks -> Clarkconnect 

 References:
http://www.securityfocus.com/archive/1/313080
http://www.securityfocus.com/bid/6934
https://exchange.xforce.ibmcloud.com/vulnerabilities/11419
Copyright 2024, cxsecurity.com

 

Back to Top