Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2374

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2374
Last Modified 05 Sep 2008 04:43:57
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2374

Summary

BadBlue 2.4 allows remote attackers to obtain the location of the server installation path via a request for phptest.php, which includes the pathname in the source of the resulting HTML.

Vulnerable Systems

Application

  • Working Resources Inc. Badblue 2.40


References

XF - badblue-phptestphp-path-disclosure(15311)

BID - 9737

BUGTRAQ - 20040224 BadBlue 2.4 Local Path Disclosure By phptest.php


Last Updated: 27 May 2016 10:39:26