CVE-2002-0203
CVE-2002-0203 is a medium-severity vulnerability in Tarantella Tarantella Enterprise with a CVSS 2.0 base score of 5.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 5.0)
- EPSS exploit prediction: 2% (77th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Tarantella Tarantella Enterprise
- Published:
- Last modified:
Description
ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.
Frequently asked questions
- What is CVE-2002-0203?
- ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.
- How severe is CVE-2002-0203?
- CVE-2002-0203 has a CVSS 2.0 base score of 5.0, rated medium severity.
- Is CVE-2002-0203 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (77th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2002-0203?
- CVE-2002-0203 primarily affects Tarantella Tarantella Enterprise. In total, 3 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2002-0203?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2002-0203 published?
- CVE-2002-0203 was published on 2002-05-16 and last updated on 2026-06-16.
References
- http://marc.info/?l=bugtraq&m=101190195430376&w=2
- http://www.tarantella.com/security/bulletin-03.html
Affected products (3)
- cpe:2.3:a:tarantella:tarantella_enterprise:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:tarantella:tarantella_enterprise:3.10:*:*:*:*:*:*:*
- cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*
More vulnerabilities in Tarantella Tarantella Enterprise
- CVE-2004-0079 — High (CVSS 7.5): The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause…
- CVE-2002-0211 — Medium (CVSS 6.2): Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable…
- CVE-2005-0486 — Medium (CVSS 5.0): Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when…
- CVE-2004-0112 — Medium (CVSS 5.0): The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly…
- CVE-2004-0081 — Medium (CVSS 5.0): OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a…
- CVE-2001-0805 — Medium (CVSS 5.0): Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to…