CVE-2002-0705 Information

Description

The Web Reports Server for SurfControl SuperScout WebFilter stores the \scwebusers\ username and password file in a web-accessible directory which allows remote attackers to obtain valid usernames and crack the passwords.

Reference

http://marc.info/?l=bugtraq&m=103359690824103&w=2 http://www.iss.net/security_center/static/10248.php http://www.osvdb.org/3489 http://www.securityfocus.com/bid/5856 http://www.westpoint.ltd.uk/advisories/wp-02-0005.txt