CGI abuses : VChat information disclosure

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.11471

Categoría: CGI abuses

Título: VChat information disclosure

Resumen: NOSUMMARY

Descripción: Description:

It is possible to retrieve the log of all the chat sessions
that have occured on the remote vchat server by requesting
the file vchat/msg.txt

An attacker may use this flaw to read past chat sessions and
possibly harass its participants.

In addition to this, another flaw in the same product may allow an attacker
to consume all the resources of the remote host by sending a long
message to this module.

Solution : None at this time. Add a .htaccess file to prevent an attacker
from obtaining this file

Risk factor : Low

Referencia Cruzada: BugTraq ID: 7186
BugTraq ID: 7188

Copyright This script is Copyright (C) 2003 Renaud Deraison

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.11471
Categoría:	CGI abuses
Título:	VChat information disclosure
Resumen:	NOSUMMARY
Descripción:	Description: It is possible to retrieve the log of all the chat sessions that have occured on the remote vchat server by requesting the file vchat/msg.txt An attacker may use this flaw to read past chat sessions and possibly harass its participants. In addition to this, another flaw in the same product may allow an attacker to consume all the resources of the remote host by sending a long message to this module. Solution : None at this time. Add a .htaccess file to prevent an attacker from obtaining this file Risk factor : Low
Referencia Cruzada:	BugTraq ID: 7186 BugTraq ID: 7188
Copyright	This script is Copyright (C) 2003 Renaud Deraison