Oracle Reports Server 6.0.8/9.0.2 Information Disclosure Vulnerability

2014-07-01T00:00:00
ID SSV:75452
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/5262/info

A problem with Reports Server could make it possible to gain sensitive information from the server.

Under some circumstances, Reports Server may yield sensitive information to unauthenticated remote users. This information may include the system path, software installed on the vulnerable system, and other information that may be used as points of entry.

http://some.site.com/cgi-bin/rwcgi60
http://some.site.com/cgi-bin/rwcgi60/showenv