7th Jan 2002 [SBWID-4976]
COMMAND
AOLserver Unauthorized File Disclosure Vulnerability
SYSTEMS AFFECTED
AOLserver 3.4.2
PROBLEM
Tamer Sahin [http://www.securityoffice.net] posted :
Due to a flaw in AOLserver 3.4.2 for Windows, it is possible for a user
to gain read access of known password protected files residing on a
AOLserver host.
http://host/passwordprotected.file.
Example:
http://host/nstelemetry.adp.
SOLUTION
Update available ??
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH
