MidnightBSD

Advisories for joe_depasquale

CVE-2002-2342 MEDIUM

Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
joe_depasquale bannermatic 3.0
joe_depasquale bannermatic 1.0
joe_depasquale bannermatic 2.0