CVE-2004-1219
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/01/2005
Last modified:
03/04/2025
Description
paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote attackers to read the administrator's password hash and conduct brute force password guessing attacks by listing the contents of the sessions directory and reading the associated file for the administrator session.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:php_arena:pafiledb:3.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://echo.or.id/adv/adv09-y3dips-2004.txt
- http://marc.info/?l=bugtraq&m=110245123927025&w=2
- http://www.securityfocus.com/bid/11818
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18364
- http://echo.or.id/adv/adv09-y3dips-2004.txt
- http://marc.info/?l=bugtraq&m=110245123927025&w=2
- http://www.securityfocus.com/bid/11818
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18364