Results 1 to 2 of 2

Thread: MRTG Configuration Generator Path Disclosure Vulnerability

  1. #1
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584

    Exclamation MRTG Configuration Generator Path Disclosure Vulnerability

    A vulnerability has been reported in mrtg.cgi that could allow a malicious user to view the full path to the web root. MRTG Configuration Generator is a configuration file generator for devices being monitored on a network.

    If a user submits a HTTP request to a host containing unusual characters, the server will return an error page containing the path to the web root.

    Vulnerable: MRTG Configuration Generator MRTGconfig 0.5.9

    No exploit code is required.

  2. #2
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    actually wanted to comment on your oracle post but the reply page keeps timing out. Was considering orcale 9 but now will wait to see these problems solved first.
    Trappedagainbyperfectlogic.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •