WebTrends Reporting Center 6.1 Management Interface Path Disclosure Vulnerability

2004-01-20T00:00:00
ID EDB-ID:23559
Type exploitdb
Reporter Oliver Karow
Modified 2004-01-20T00:00:00

Description

WebTrends Reporting Center 6.1 Management Interface Path Disclosure Vulnerability. CVE-2004-2748. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/9460/info

The WebTrends Reporting Center management interface discloses installation path information when an invalid argument for an interface URI parameter is requested. This information may permit an attacker to enumerate the layout of the underlying file system of the host.

This issue was reported for version 6.1a of the software running on Microsoft Windows. Other platforms and versions may also be affected.

http://www.example.com:1099/viewreport.pl?profileid=dontexist