VisNetic Website路径泄露漏洞

漏洞信息详情

VisNetic Website路径泄露漏洞

• CNNVD编号：CNNVD-200308-067
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2003-0456
  
• 漏洞类型：
  
  
  信息泄露
  
• 发布时间：
  
  2003-08-18
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  deerfield
• 漏洞来源：
  Discovery of this …

VisNetic WebSite 3.5版本存在漏洞。远程攻击者借助包含不存在文件的请求获取服务器的完整路径名，该漏洞在错误消息中泄漏路径名，比如使用_vti_bin/fcount.exe。

It has been reported that this issue has been addressed in the latest version of the software. Customers can download the update from the VisNetic Website administration console.
Deerfield VisNetic Website 3.5.13 .1

• Deerfield VisNetic WebSite Downloads
  
  http://www.deerfield.com/download/visnetic_website/

Deerfield VisNetic Website 3.5.15

• Deerfield VisNetic WebSite Downloads
  
  http://www.deerfield.com/download/visnetic_website/

Deerfield VisNetic Website 3.5.17

• Deerfield VisNetic WebSite Downloads
  
  http://www.deerfield.com/download/visnetic_website/

来源: BID
名称: 8075
链接:http://www.securityfocus.com/bid/8075

来源: BUGTRAQ
名称: 20030701 VisNetic WebSite Path Disclosure Vulnerability
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=105733894003737&w=2

来源: VULNWATCH
名称: 20030701 VisNetic WebSite Path Disclosure Vulnerability
链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0002.html

来源: XF
名称: visnetic-website-path-disclosure(12483)
链接:http://xforce.iss.net/xforce/xfdb/12483

来源: www.krusesecurity.dk
链接:http://www.krusesecurity.dk/advisories/vis0103.txt