Access Permissions Vulnerability in Cobalt RaQ2 and RaQ3 by Cobalt Networks
CVE-2000-0431

Currently unrated

Key Information:

Vendor: Oracle
Status: Cobalt Raq 3i; Cobalt Raq 2
Vendor: CVE Published:; 22 May 2000

Summary

The Cobalt RaQ2 and RaQ3 platforms have a significant flaw related to the improper setting of access permissions and ownership for files uploaded via FrontPage. This weakness can be exploited by attackers to bypass the cgiwrap utility, enabling them to modify sensitive files on the server. If your system relies on these versions, addressing this vulnerability is critical for maintaining the integrity and security of your hosted applications.

References

http://www.securityfocus.com/templates/archive.pike?list=...

mailing-listx_refsource_BUGTRAQ

http://archives.neohapsis.com/archives/bugtraq/2000-05/03...

x_refsource_CONFIRM

http://www.osvdb.org/1346

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability Reserved
Jun 14, 2000
Vulnerability published
May 22, 2000