Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0596

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0596
Last Modified 16 Jan 2010 12:00:00
Published 18 Jun 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0596

Summary

WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an error message.

Vulnerable Systems

Application

  • Webtrends Reporting Center 4.0d


References

XF - webtrends-profile-path-disclosure(8865)

OSVDB - 10447

MISC - http://www.ngssoftware.com/advisories/wtr.txt

BUGTRAQ - 20020416 Webtrends Reporting Center Buffer Overflow (#NISR17042002C)


Last Updated: 27 May 2016 10:36:59