Arbitrary file access on the web server
Thu, 04/30/2009 - 22:31 — victor
Name:
3COM ADSL Wireless Router Information Disclosure
Filename:
specialcgi100.db
SPID:
5084
Impact:
It is possible on the remote web server to access the app_sta.stm file. This file contains sensitive information. An attacker can use this information to base other attacks on.
Solution:
Please upgrade to the latest version from http://www.3com.com/ and or block incoming traffic to the identified file.
Risk:
Low
Privacy Statement | Link Policy | User Policy | SecPoint® Blog | SecPoint® Forum
SecPoint® Pictures | SecPoint® Event Pictures | SecPoint® Exploit Archive | SecPoint® Web Shop | SecPoint® Library
SecPoint® Video | SecPoint® Sitemap
© Copyright 1999-2008: SecPoint®
SecPoint ApS - Lergravsvej 53 - 2300 Copenhagen S - Phone +45 70 235 245
| Recent awards | Compatible with | Visit us on Facebook! | Visit us on LinkedIn! | Visit us on Myspace! | |||||
 |
 |
 |
 |
 |
 Group! |
 |
 follow us on Twitter!  |
||