3Com OfficeConnect Wireless 11g Access Point Hidden Pages Information Disclosure

2005-07-25T12:05:17
ID OSVDB:18256
Type osvdb
Reporter OSVDB
Modified 2005-07-25T12:05:17

Description

Vulnerability Description

3com OfficeConnect Wireless 11g Access Point contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when certain hidden web pages are accessed by unauthenticated users, which will disclose sensitive information resulting in a loss of confidentiality.

Solution Description

Upgrade to version 1.03.12 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

3com OfficeConnect Wireless 11g Access Point contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when certain hidden web pages are accessed by unauthenticated users, which will disclose sensitive information resulting in a loss of confidentiality.

References:

Vendor URL: http://www.3com.com/products/en_US/detail.jsp?tab=features&pathtype=purchase&sku=3CRWE454G72 Vendor Specific Advisory URL Security Tracker: 1014578 Secunia Advisory ID:16207 ISS X-Force ID: 21549 CVE-2005-2391 Bugtraq ID: 14370