M-TECH P-Synch 6.2.5 Path Disclosure Vulnerability

ID EDB-ID:22674
Type exploitdb
Reporter JeiAr
Modified 2003-05-29T00:00:00


M-TECH P-Synch 6.2.5 Path Disclosure Vulnerability. Remote exploit for windows platform

                                            source: http://www.securityfocus.com/bid/7740/info

Reportedly an attacker may make a malicious HTTP request for specific P-Synch executables passing an empty URI parameter to trigger the condition. Although unconfirmed, it is likely that the request will cause P-Sync to display an error message containing the path to the executable.

This vulnerability was reported to affect P-Synch version 6.2.5 other versions may also be affected.