SIPS 0.2.2 User Information Disclosure Vulnerability

2003-03-18T00:00:00
ID EDB-ID:22381
Type exploitdb
Reporter dwcgr0up
Modified 2003-03-18T00:00:00

Description

SIPS 0.2.2 User Information Disclosure Vulnerability. CVE-2003-1553. Remote exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/7134/info

It has been reported that authentication is not required to view user account information. As a result, an unauthorized remote attacker may be able to view potentially sensitive information. This may aid in launching further attacks against a target user or system.

http://www.example.com/[sips_directory]/sipssys/users/[first_letter_of_UserID]/