CVE-2005-1055

Loading...

General

Score:7.5/10.0
Severity:High
Category:N/A

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 10/04/05 - Updated on 11/07/17

Description

TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the _dat/login file.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2005-1055

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
towerblogtowerblog

Share this vulnerability with:

Twitter Facebook LinkedIn Mail