There is a remote security vulnerability in the Nokia IPSO operating
system.
Anyone with access to the webgui (Voyager) on the Nokia IP-box
can read any file on the system.
For example, login as the user 'monitor' (disabled by default)
and use the readfile.tcl to read any file:
<http://x.x.x.x/cgi-bin/readfile.tcl?file=/etc/master.passwd>
Tested on IPSO 3.6-FCS6
Regards,
Jonas Eriksson
<http://sekure.net>
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH
