SAFE TEAM Regulus 2.2 Customer Statistics Information Disclosure Vulnerability

2014-07-01T00:00:00
ID SSV:78280
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/11134/info

Regulus is reported prone to an information disclosure vulnerability. It is reported that it is possible to view a target users connection statistics without requiring valid credentials.

An attacker may employ data that is obtained in this manner to aid in further attacks launched against the vulnerable software.

This vulnerability is reported to affect all versions of SAFE TEAM Regulus.

http://example.com/base-dir/htmlcust/custchoice.php?lang=English&userid=<name>&action=To see your connections logs

Where '<name>' is the target username.