CVE-2002-1080 Information

Description

The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl (2) consport.chl (3) general.chl (4) srvparam.chl and (5) advanced.chl.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html http://www.aprelium.com/news/patch1033.html http://www.iss.net/security_center/static/9957.php http://www.securityfocus.com/bid/5548