Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0694

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0694
Last Modified 05 Sep 2008 04:47:02
Published 07 Mar 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0694

Summary

Hosting Controller 6.1 Hotfix 1.7 and earlier stores log files under the web root, which allows remote attackers to obtain sensitive information via a direct request to HCDiskQuotaService.csv.

Vulnerable Systems

Application

  • Hosting Controller 1.1

  • Hosting Controller 1.3

  • Hosting Controller 1.4.1

  • Hosting Controller 1.4b

  • Hosting Controller 6.1

  • Hosting Controller 6.1 Hotfix 1.4

  • Hosting Controller 6.1 Hotfix 1.7


References

SECUNIA - 14522

BUGTRAQ - 20050307 Hosting Controller Multiple Unauthenticated information disclose

MISC - http://isun.shabgard.org/hc2.txt


Last Updated: 27 May 2016 10:39:54