NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2001-02

From: UkR-XblP™ (cuctemaOK.RU)
Date: Mon Feb 12 2001 - 08:18:20 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----------UkR security team advisory #6------------
Vulnerability in Muscat Empower wich can print path to
DB-dir.
--------------------------------------------------

Name: Vulnerability in Muscat Empower wich can print path to
DB-dir.
Date: 03.02.2001
Problem: when the request invalid send to database script
print path to it.
Author: UkR-XblP
Exploit: http://www.example.com/cgi-bin/empower?DB=UkRteamHole
Example:
http://www.nokia.com/cgi-bin/empower?DB=UkRteamHole
http://www.hmso.gov.uk/cgi-bin/empower?DB=UkRteamHole
Get your free e-mail address at http://www.zmail.ru

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]