Acuma Acusend Unauthorized Report Disclosure

2002-10-24T00:00:00
ID OSVDB:14471
Type osvdb
Reporter David Wray(davew@sec-tec.com)
Modified 2002-10-24T00:00:00

Description

Vulnerability Description

Acusend contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an authenticated user can guess the URI of documents owned by other users, resulting in a loss of confidentiality.

Solution Description

Upgrade to version 6.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Acusend contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an authenticated user can guess the URI of documents owned by other users, resulting in a loss of confidentiality.

References:

ISS X-Force ID: 10473 CVE-2002-1538 Bugtraq ID: 6048