-
February 7th, 2002, 06:45 AM
#1
MRTG Configuration Generator Path Disclosure Vulnerability
A vulnerability has been reported in mrtg.cgi that could allow a malicious user to view the full path to the web root. MRTG Configuration Generator is a configuration file generator for devices being monitored on a network.
If a user submits a HTTP request to a host containing unusual characters, the server will return an error page containing the path to the web root.
Vulnerable: MRTG Configuration Generator MRTGconfig 0.5.9
No exploit code is required.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|