VegaDNS index.php VDNS_Sessid Variable path Disclosure

2005-08-10T10:42:47
ID OSVDB:18656
Type osvdb
Reporter OSVDB
Modified 2005-08-10T10:42:47

Description

Solution Description

Upgrade to version 0.9.9.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

/index.php?VDNS_Sessid='

References:

Secunia Advisory ID:16370 Related OSVDB ID: 18658 Related OSVDB ID: 18657 Other Advisory URL: http://packetstorm.linuxsecurity.com/0508-exploits/vegadns-dyn0.txt CVE-2005-2609