Details of VAR-200202-0014

ID

VAR-200202-0014

CVE

CVE-2002-1603

TITLE

GoAhead Web Server discloses source code of ASP files via crafted URL

Trust: 0.8

sources: CERT/CC: VU#975041

DESCRIPTION

GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files via a URL terminated with a /, \, %2f (encoded /), %20 (encoded space), or %00 (encoded null) character, which returns the ASP source code unparsed. This issue is also referenced in VU#124059. GoAhead WebServer contains vulnerabilities that may allow an attacker to view source files containing sensitive information or bypass authentication. The information disclosure vulnerability was previously published as VU#975041. A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP requests. An attacker can append certain characters to the end of an HTTP request for a specific ASP file. As a result, GoAhead webserver will disclose the contents of the requested ASP script file to the attacker. GoAhead WebServer is a small and exquisite embedded Web server of American Embedthis Company, which supports embedding in various devices and applications. Attackers can use this information to further attack the system

Trust: 2.7

sources: NVD: CVE-2002-1603 // CERT/CC: VU#975041 // CERT/CC: VU#124059 // BID: 9239 // VULHUB: VHN-5988

AFFECTED PRODUCTS

vendor:	goahead	model:	webserver	scope:	eq	version:	2.1.6	Trust: 1.6
vendor:	goahead	model:	webserver	scope:	eq	version:	2.0	Trust: 1.6
vendor:	goahead	model:	webserver	scope:	eq	version:	2.1.2	Trust: 1.6
vendor:	goahead	model:	webserver	scope:	eq	version:	2.1.1	Trust: 1.6
vendor:	goahead	model:	webserver	scope:	eq	version:	2.1.4	Trust: 1.6
vendor:	goahead	model:	webserver	scope:	eq	version:	2.1.5	Trust: 1.6
vendor:	goahead	model:	webserver	scope:	eq	version:	2.1.7	Trust: 1.6
vendor:	goahead	model:	webserver	scope:	eq	version:	2.1	Trust: 1.6
vendor:	goahead	model:	webserver	scope:	eq	version:	2.1.3	Trust: 1.6
vendor:	goahead	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	rockwell automation	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	rockwell	model:	automation controllogix 1756-enbt/a ethernet/ip bridge	scope:	eq	version:	0	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	eq	version:	2.1.7	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	eq	version:	2.1.6	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	eq	version:	2.1.5	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	eq	version:	2.1.4	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	eq	version:	2.1.3	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	eq	version:	2.1.2	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	eq	version:	2.1.1	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	eq	version:	2.1	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	eq	version:	2.0	Trust: 0.3
vendor:	goahead	model:	software goahead webserver	scope:	ne	version:	2.1.8	Trust: 0.3

sources: CERT/CC: VU#124059 // BID: 9239 // CNNVD: CNNVD-200202-008 // NVD: CVE-2002-1603

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-1603
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#975041
value:	1.91
Trust: 0.8
CARNEGIE MELLON:	VU#124059
value:	0.06
Trust: 0.8
CNNVD:	CNNVD-200202-008
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-5988
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2002-1603
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-5988
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#975041 // CERT/CC: VU#124059 // VULHUB: VHN-5988 // CNNVD: CNNVD-200202-008 // NVD: CVE-2002-1603

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1603

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200202-008

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200202-008

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-5988

EXTERNAL IDS

db:	CERT/CC	id:	VU#975041	Trust: 3.6
db:	CERT/CC	id:	VU#124059	Trust: 2.8
db:	BID	id:	9239	Trust: 2.0
db:	NVD	id:	CVE-2002-1603	Trust: 2.0
db:	SECUNIA	id:	7741	Trust: 1.7
db:	OSVDB	id:	13295	Trust: 1.7
db:	SECTRACK	id:	1005820	Trust: 1.7
db:	EXPLOIT-DB	id:	12815	Trust: 0.8
db:	CNNVD	id:	CNNVD-200202-008	Trust: 0.7
db:	XF	id:	10885	Trust: 0.6
db:	EXPLOIT-DB	id:	23446	Trust: 0.1
db:	SEEBUG	id:	SSVID-77211	Trust: 0.1
db:	VULHUB	id:	VHN-5988	Trust: 0.1

sources: CERT/CC: VU#975041 // CERT/CC: VU#124059 // VULHUB: VHN-5988 // BID: 9239 // CNNVD: CNNVD-200202-008 // NVD: CVE-2002-1603

REFERENCES

url:	http://data.goahead.com/software/webserver/2.1.8/release.htm#bug-with-urls-like-asp	Trust: 3.3
url:	http://aluigi.altervista.org/adv/goahead-adv3.txt	Trust: 3.3
url:	http://www.kb.cert.org/vuls/id/975041	Trust: 2.8
url:	http://www.kb.cert.org/vuls/id/124059	Trust: 2.0
url:	http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729	Trust: 2.0
url:	http://www.procheckup.com/security_info/vuln_pr0213.html	Trust: 1.9
url:	http://www.securityfocus.com/bid/9239	Trust: 1.7
url:	http://www.kb.cert.org/vuls/id/rgii-7mwkz3	Trust: 1.7
url:	http://www.procheckup.com/pdfs/procheckup_vulns_2002.pdf	Trust: 1.7
url:	http://www.osvdb.org/13295	Trust: 1.7
url:	http://securitytracker.com/id?1005820	Trust: 1.7
url:	http://secunia.com/advisories/7741	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/10885	Trust: 1.1
url:	http://web.archive.org/web/20030110134751/http://www.procheckup.com/security_info/vuln_pr0213.html	Trust: 0.8
url:	http://www.ab.com/networks/architectures.html	Trust: 0.8
url:	http://data.goahead.com/software/webserver/2.1.8/release.htm#security-features-can-be-bypassed-by-adding-an-extra-slash-in-the-url-bug01518	Trust: 0.8
url:	http://www.nerc.com/fileuploads/file/events%20analysis/a-2009-02-13-01.pdf	Trust: 0.8
url:	http://rockwellautomation.custhelp.com/app/answers/detail/a_id/57729	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=goahead+web+server	Trust: 0.8
url:	http://www.exploit-db.com/exploits/12815/	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/10885	Trust: 0.6
url:	http://www.goahead.com/webserver/webserver.htm	Trust: 0.3
url:	/archive/1/347805	Trust: 0.3

sources: CERT/CC: VU#975041 // CERT/CC: VU#124059 // VULHUB: VHN-5988 // BID: 9239 // CNNVD: CNNVD-200202-008 // NVD: CVE-2002-1603

CREDITS

Luigi Auriemma※ aluigi@pivx.com

Trust: 0.6

sources: CNNVD: CNNVD-200202-008

SOURCES

db:	CERT/CC	id:	VU#975041
db:	CERT/CC	id:	VU#124059
db:	VULHUB	id:	VHN-5988
db:	BID	id:	9239
db:	CNNVD	id:	CNNVD-200202-008
db:	NVD	id:	CVE-2002-1603

LAST UPDATE DATE

2025-04-03T22:09:40.118000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#975041	date:	2010-01-11T00:00:00
db:	CERT/CC	id:	VU#124059	date:	2010-06-22T00:00:00
db:	VULHUB	id:	VHN-5988	date:	2017-07-11T00:00:00
db:	BID	id:	9239	date:	2009-02-19T21:47:00
db:	CNNVD	id:	CNNVD-200202-008	date:	2009-02-10T00:00:00
db:	NVD	id:	CVE-2002-1603	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#975041	date:	2002-12-17T00:00:00
db:	CERT/CC	id:	VU#124059	date:	2009-02-05T00:00:00
db:	VULHUB	id:	VHN-5988	date:	2002-02-13T00:00:00
db:	BID	id:	9239	date:	2003-12-17T00:00:00
db:	CNNVD	id:	CNNVD-200202-008	date:	2002-02-13T00:00:00
db:	NVD	id:	CVE-2002-1603	date:	2002-02-13T05:00:00