| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5452427$110262518141b8b99d5b37f5.90164902@config19.schlund.de> Date: Thu, 9 Dec 2004 21:54:02 +0100 From: <oliver@...yhat.de> To: <bugtraq@...urityfocus.com> Subject: F-Secure Policy Manager - physical path disclosure F-Secure Policy Manager - Management Agent - physical path disclosure vulnerability ===================================================================================== Version: ======== FSMSH Version 5.11.2810 - on Win32 (not tested on other platforms) Vuln: ===== A webserver is running on Port 80/tcp. Connecting to the port via a webbrowser offers the following link, available without authentication: /fsms/fsmsh.dll?FSMSCommand=GetVersion Following this link will give the Version Number of the application: 5.11.2810 However.... modifiying the link as follows: /fsms/fsmsh.dll? will give the following result, containing the physical path of the f-secure installation: FSMSH Version 5.11.2810 Started at: 04/12/07 20:18:48 Processed requests: 8780 Commdir path: C:\Programme\F-Secure\Management Server 5\CommDir COMMDIR: C:\Programme\F-Secure\Management Server 5\CommDir found C:\Programme\F-Secure\Management Server 5\CommDir\commdir.cfg found Repository API initialized - status: OK Vendor: ======= www.f-secure.com Informed by mail on 07.Dec.2004; Response at 08.Dec.; Will be fixed anytime. Discovered by: ============== oliver karow This document: http://www.oliverkarow.de/research/f-secure.txt
Powered by blists - more mailing lists