Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2506

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2506
Last Modified 05 Sep 2008 04:44:20
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2506

Summary

Unparsed web content delivery vulnerability in WIKINDX before 0.9.9g allows remote attackers to obtain sensitive information via a direct HTTP request to the config.inc file.

Vulnerable Systems

Application

  • Wikindx 0.9.1

  • Wikindx 0.9.2

  • Wikindx 0.9.3

  • Wikindx 0.9.4

  • Wikindx 0.9.5

  • Wikindx 0.9.6

  • Wikindx 0.9.7

  • Wikindx 0.9.8

  • Wikindx 0.9.9

  • Wikindx 0.9.9b

  • Wikindx 0.9.9c

  • Wikindx 0.9.9d

  • Wikindx 0.9.9e

  • Wikindx 0.9.9f


References

XF - wikindx-configinc-obtain-information(15885)

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=231421

SECUNIA - 11394

OSVDB - 5401


Last Updated: 27 May 2016 10:39:30