AOL Instant Messenger Path Disclosure Vulnerability
BID:1180
Info
AOL Instant Messenger Path Disclosure Vulnerability
| Bugtraq ID: | 1180 |
| Class: | Design Error |
| CVE: |
CVE-2000-0383 |
| Remote: | Yes |
| Local: | Yes |
| Published: | May 08 2000 12:00AM |
| Updated: | Jul 11 2009 01:56AM |
| Credit: | Posted to Bugtraq on May 8, 2000 by Daniel P. Stasinski <[email protected]>. |
| Vulnerable: |
AOL Instant Messenger 4.0 |
| Not Vulnerable: | |
Discussion
AOL Instant Messenger Path Disclosure Vulnerability
If a user transmits a file through AOL Instant Messenger, the full local path of the file is displayed to the remote recipient. This information could possibly be used in order to discover the Operating System platform and other sensitive details which may assist in a future attack.
If a user transmits a file through AOL Instant Messenger, the full local path of the file is displayed to the remote recipient. This information could possibly be used in order to discover the Operating System platform and other sensitive details which may assist in a future attack.
Exploit / POC
AOL Instant Messenger Path Disclosure Vulnerability
see discussion
see discussion
Solution / Fix
AOL Instant Messenger Path Disclosure Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
AOL Instant Messenger Path Disclosure Vulnerability
References:
References: