|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: c0rrect0r
hushmail.comDate: Tue Jul 02 2002 - 00:56:02 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Problem:
An anonymous user can see the listing of the current and parent directory of CommuniGatePro WebUser directory.
Vulnerable:
All current versions of CommuniGatePro <= 4.0b4
Details:
You can get the listing of directory by accessing the CommuiGatePro webmail for example http://host.com/. or http://host.com/..
Vendor Response:
"Thanks for telling, we'll fix it.
Fortunately it's not a security hole since there's no write access, the
contents of that directory is of no interest and other directories are not
accessible this way."
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com
wl4EARECAB4FAj0hQH0XHGMwcnJlY3QwckBodXNobWFpbC5jb20ACgkQ3UKq03kicjSo
mgCguaeWoJfXGgL+trYOBu09bmB2T5sAn3rQ6LuLftsLd1OlXXhbgETd34Ci
=a0ah
-----END PGP SIGNATURE-----
Communicate in total privacy.
Get your free encrypted email at https://www.hushmail.com/?l=2
Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]