ASPRunner Multiple Hidden Field Information Disclosure

2004-07-26T07:05:44
ID OSVDB:8252
Type osvdb
Reporter Ferruh Mavituna(ferruh@mavituna.com)
Modified 2004-07-26T07:05:44

Description

Vulnerability Description

ASPRunner contains a flaw that may lead to an unauthorized information disclosure. The issue is due to hidden fields and returned error pages, which will disclose sensitive information resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

ASPRunner contains a flaw that may lead to an unauthorized information disclosure. The issue is due to hidden fields and returned error pages, which will disclose sensitive information resulting in a loss of confidentiality.

References:

Vendor URL: http://www.xlinesoft.com/asprunner/ Security Tracker: 1010777 Secunia Advisory ID:12164 Related OSVDB ID: 8254 Related OSVDB ID: 8251 Related OSVDB ID: 8253 Other Advisory URL: http://ferruh.mavituna.com/article/?574 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-07/0291.html ISS X-Force ID: 16800 CVE-2004-2058 Bugtraq ID: 10799