Vulners
Lucene search
OpenConnect WebConnect 6.46.5 - jretest.html Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/12613/info
OpenConnect WebConnect is reported prone to multiple vulnerabilities. The following individual issues are reported:
WebConnect is reported prone to a remote denial of service vulnerability.
A remote attacker may exploit this vulnerability to crash the WebConnect software and deny service for legitimate users.
A directory traversal vulnerability is also reported to affect WebConnect. This issue is reported to exist due to a lack of sufficient sanitization performed on a user-supplied URI parameter that is passed to the 'jretest.html' script.
A remote attacker may exploit this vulnerability to disclose the contents of server readable files.
http://www.example.com:2080/jretest.html?lang=&parms=default&WCP_USER=..//..//..//..//..//boot.ini&action=
http://www.example.com:2080/COM1Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Feb 2005 00:00Current