Hosting Controller 1.x/6.1 - Multiple Information Disclosure Vulnerabilities

2005-03-07T00:00:00
ID EDB-ID:25194
Type exploitdb
Reporter small mouse
Modified 2005-03-07T00:00:00

Description

Hosting Controller 1.x/6.1 Multiple Information Disclosure Vulnerabilities. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/12748/info

Hosting Controller is reported prone to multiple information disclosure vulnerabilities. These issues can allow an attacker to disclose sensitive information, which may be used to carry out further attacks against a computer.

An attacker can access a sensitive file to enumerate domain names of all hosted domains.

Another issue affecting the application may allow remote users to disclose an administrator's email address.

These issues are reported to affect Hosting Controller 6.1 Hotfix 1.7. Other versions are likely to be affected as well.

http://www.example.com/admin/logs/HCDiskQuotaService.csv