Reported February 6, 2001, by phinegeek.
VERSIONS AFFECTED
-
Any machine running Thunderstone’s Texis CGI software
DESCRIPTION
An information disclosure
vulnerability exists in Thunderstone Software’s Texis CGI software in that a
query for an invalid path will disclose the full path to webroot, and in some
cases reveal information about the host system.
VENDOR RESPONSE
The vendor, Thunderstone, has been notified but has not released a response.
CREDIT
Discovered by phinegeek.
0 comments
Hide comments