WebGlimpse 'wgarcmin.cgi' Path Disclosure Vulnerability
BID:52646
Info
WebGlimpse 'wgarcmin.cgi' Path Disclosure Vulnerability
| Bugtraq ID: | 52646 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2009-5112 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 18 2008 12:00AM |
| Updated: | Nov 18 2008 12:00AM |
| Credit: | Websecurity |
| Vulnerable: |
WebGlimpse.org WebGlimpse 2.18.7 WebGlimpse.org WebGlimpse 2.14.1 WebGlimpse.org WebGlimpse 2.0 |
| Not Vulnerable: | |
Discussion
WebGlimpse 'wgarcmin.cgi' Path Disclosure Vulnerability
WebGlimpse is prone to a path-disclosure vulnerability.
Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer.
WebGlimpse 2.18.7 is vulnerable; other versions may also be affected.
WebGlimpse is prone to a path-disclosure vulnerability.
Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer.
WebGlimpse 2.18.7 is vulnerable; other versions may also be affected.
Exploit / POC
WebGlimpse 'wgarcmin.cgi' Path Disclosure Vulnerability
The following example URI is available:
http://www.example.com/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=1
The following example URI is available:
http://www.example.com/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=1
Solution / Fix
WebGlimpse 'wgarcmin.cgi' Path Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
WebGlimpse 'wgarcmin.cgi' Path Disclosure Vulnerability
References:
References:
- Webglimpse Homepage (Webglimpse)