BroadVision One-To-One Enterprise Path Disclosure Vulnerability
BID:2088
Info
BroadVision One-To-One Enterprise Path Disclosure Vulnerability
| Bugtraq ID: | 2088 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Dec 08 2000 12:00AM |
| Updated: | Dec 08 2000 12:00AM |
| Credit: | Reported to bugtraq by benjurry <[email protected]> on Fri, 8 Dec 2000. |
| Vulnerable: |
BroadVision One-To-One Enterprise 1.0 |
| Not Vulnerable: | |
Discussion
BroadVision One-To-One Enterprise Path Disclosure Vulnerability
A vulnerability exists in certain versions of BroadVision's One-To-One Enterprise distributed applications platform.
URLs submitted to the affected host, requesting files which are not present on the server, yield an error message which provides limited information on the server's directory structure. This may permit an attacker to better exploit other vulnerabilities on the target system, and further compromise its security.
A vulnerability exists in certain versions of BroadVision's One-To-One Enterprise distributed applications platform.
URLs submitted to the affected host, requesting files which are not present on the server, yield an error message which provides limited information on the server's directory structure. This may permit an attacker to better exploit other vulnerabilities on the target system, and further compromise its security.
Solution / Fix
BroadVision One-To-One Enterprise Path Disclosure Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
BroadVision One-To-One Enterprise Path Disclosure Vulnerability
References:
References:
- BroadVision Products - One-To-One Enterprise (BroadVision)