Bug: Dem_trac acces to log file wihtout authentification ( Ascii Version )

Search:
WLB2

Dem_trac acces to log file wihtout authentification

Published
Credit
Risk
2007.02.22
sn0oPy
Low
CWE
CVE
Local
Remote
N/A
CVE-2007-1046
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

* Dem_trac acces to log file wihtout authentification

* By : sn0oPy

* Risk : low

* site : http://jc.meier.free.fr

* exploit :

juste add to the url "anc_sit.txt"
http://www.target.ma >>> http://www.target.ma/anc_sit.txt

Dork :

intitle:"Gestion des fichiers log"

* contact : sn0oPy (at) avenir-geopolitique (dot) net [email concealed]

* greetz : [subzero], http://forums.avenir-geopolitique.net.

* reference : http://forums.avenir-geopolitique.net/viewtopic.php?t=2673

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version