3 matches found
CVE-2003-0456
VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using vtibin/fpcount.exe...
CVE-2003-0456
CVE-2003-0456 concerns VisNetic WebSite 3.5 where a remote attacker can reveal the server’s full pathname via an error message triggered by a request for a non-existent folder (e.g., using _vti_bin/fpcount.exe). This is a path-disclosure vulnerability that exposes sensitive filesystem information...
CVE-2003-0456
VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using vtibin/fpcount.exe...