BugPort未经授权的配置文件查看漏洞

漏洞信息详情

BugPort未经授权的配置文件查看漏洞

• CNNVD编号：CNNVD-200412-1167
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-2353
  
• 漏洞类型：
  
  
  配置错误
  
• 发布时间：
  
  2004-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  incogen
• 漏洞来源：
  This issue was rep…

BugPort 1.099之前的版本将配置文件(conf/config.conf)存储在带有不能被web服务器正常解析的文件扩展名的web文档根中。远程攻击者可以获得敏感信息。

This issue has been addressed as of BugPort version 1.099.
INCOGEN BugPort 1.092

• INCOGEN bugport-current.tar.gz
  
  http://www.incogen.com/downloads/bugport/bugport-current.tar.gz

INCOGEN BugPort 1.091

• INCOGEN bugport-current.tar.gz
  
  http://www.incogen.com/downloads/bugport/bugport-current.tar.gz

INCOGEN BugPort 1.090

• INCOGEN bugport-current.tar.gz
  
  http://www.incogen.com/downloads/bugport/bugport-current.tar.gz

INCOGEN BugPort 1.094

• INCOGEN bugport-current.tar.gz
  
  http://www.incogen.com/downloads/bugport/bugport-current.tar.gz

INCOGEN BugPort 1.096

• INCOGEN bugport-current.tar.gz
  
  http://www.incogen.com/downloads/bugport/bugport-current.tar.gz

INCOGEN BugPort 1.093

• INCOGEN bugport-current.tar.gz
  
  http://www.incogen.com/downloads/bugport/bugport-current.tar.gz

INCOGEN BugPort 1.097

• INCOGEN bugport-current.tar.gz
  
  http://www.incogen.com/downloads/bugport/bugport-current.tar.gz

INCOGEN BugPort 1.098

• INCOGEN bugport-current.tar.gz
  
  http://www.incogen.com/downloads/bugport/bugport-current.tar.gz

INCOGEN BugPort 1.095

• INCOGEN bugport-current.tar.gz
  
  http://www.incogen.com/downloads/bugport/bugport-current.tar.gz

来源: XF
名称: bugport-obtain-information(15030)
链接:http://xforce.iss.net/xforce/xfdb/15030

来源: BID
名称: 9542
链接:http://www.securityfocus.com/bid/9542

来源: SECUNIA
名称: 10785
链接:http://secunia.com/advisories/10785/

来源: www.incogen.com
链接:http://www.incogen.com/downloads/bugport/CHANGELOG.txt