Floosietek FTGate Mail Server 1.2 Path Disclosure Vulnerability

2004-04-06T00:00:00
ID EDB-ID:23914
Type exploitdb
Reporter dr_insane
Modified 2004-04-06T00:00:00

Description

Floosietek FTGate Mail Server 1.2 Path Disclosure Vulnerability. Webapps exploit for cgi platform

                                        
                                            source: http://www.securityfocus.com/bid/10059/info

It has been reported that FTGate it prone to a server path disclosure vulnerability. This issue is due to an ill conceived error message that includes the server path.

These issues may be leveraged to gain sensitive information about the affected system potentially aiding an attacker in mounting further attacks. 

http://www.example.com/inbox/message.fts
http://www.example.com/inbox/message.fts?folder=Sent%20Items&id=test