Zixforum ZixForum.mdb Database Disclosure Vulnerability

2004-07-19T00:00:00
ID EDB-ID:24385
Type exploitdb
Reporter Security .Net Information
Modified 2004-07-19T00:00:00

Description

Zixforum ZixForum.mdb Database Disclosure Vulnerability. Webapps exploit for asp platform

                                        
                                            source: http://www.securityfocus.com/bid/10982/info

Zixforum is reported prone to a database disclosure vulnerability. It is reported that remote users may download the database file ''ZixForum.mdb' and gain access to sensitive information including unencrypted authentication credentials.

All versions of Zixforum are considered vulnerable to this issue.

This issue is being retired due to the fact that this is not a vulnerability in the application. Configuring the Web server to restrict access to sensitive files can prevent this problem.

http://www.example.com/forum/ZixForum.mdb