M-TECH P-Synch 6.2.5 Path Disclosure Vulnerability

ID SSV:76473
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.

                                                source: http://www.securityfocus.com/bid/7740/info

Reportedly an attacker may make a malicious HTTP request for specific P-Synch executables passing an empty URI parameter to trigger the condition. Although unconfirmed, it is likely that the request will cause P-Sync to display an error message containing the path to the executable.

This vulnerability was reported to affect P-Synch version 6.2.5 other versions may also be affected.