Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6197

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-6197
Last Modified 07 Mar 2011 10:02:08
Published 01 Dec 2007 01:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6197

Summary

The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page.

Vulnerable Systems

Application

  • Bea Aqualogic Interaction 5.0.2

  • Bea Aqualogic Interaction 5.0.3

  • Bea Aqualogic Interaction 5.0.4

  • Bea Aqualogic Interaction 6.0.1.218452


References

SECUNIA - 27840

VUPEN - ADV-2007-4040

SECTRACK - 1019005

MISC - http://procheckup.com/Vulnerability_PR06-09.php

MISC - http://procheckup.com/Vulnerability_PR06-08.php

BUGTRAQ - 20071201 PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability


Last Updated: 27 May 2016 10:46:24