OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: UkR-XblP™ (cuctemaOK.RU)
Date: Mon Feb 12 2001 - 08:18:20 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----------UkR security team advisory #6------------
    Vulnerability in Muscat Empower wich can print path to
    DB-dir.
    --------------------------------------------------

    Name: Vulnerability in Muscat Empower wich can print path to
    DB-dir.
    Date: 03.02.2001
    Problem: when the request invalid send to database script
    print path to it.
    Author: UkR-XblP
    Exploit: http://www.example.com/cgi-bin/empower?DB=UkRteamHole
    Example:
    http://www.nokia.com/cgi-bin/empower?DB=UkRteamHole
    http://www.hmso.gov.uk/cgi-bin/empower?DB=UkRteamHole
    Get your free e-mail address at http://www.zmail.ru