MIT Massachusetts Institute of Technology Parent Directory Information Disclosure

2018.10.22

Juan Carlos Garcia (ES)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

MIT Massachusetts Institute of Technology Parent Directory Information Disclosure


Report-Timeline:
================
2013-08-01:     Researcher Notification 
2013-08-03:     RESPONSE (bad response)
2013-08-07:     Ask About the issues
2013-08-10:     Not response / Ask about the issues
2013-08-12:     Ask about the issues / Not response/Not Fixed
2013-08-13:     Ask About the Issues
2013-08-24:     Not Fixed / Not Response
2013-08-15:     Full Disclosure


I-VULNERABILITIES
======================

#Title:MIT Massachusetts Institute of Technology Parent Directory Information Disclosure
#Vendor:http://www.mit.edu
#Author:Juan Carlos García (@secnight)
#Follow us @habemuscurso
http://hackingmadrid.blogspot.com
Twitter:@secnight


II-Introduction:
======================

The Massachusetts Institute of Technology (MIT) is a private research university located in Cambridge, Massachusetts, United States.
MIT has five schools and one college, containing a total of 32 academic departments, with a strong emphasis on scientific, engineering,
and technological education and research.

MIT places among the top ten in many overall rankings of universities (see right) and rankings based on students' revealed preferences.
For several years, U.S.News & World Report, the QS World University Rankings, and the Academic Ranking of World Universities have ranked MIT's School of Engineering first,
as did the 1995 National Research Council report. In the same lists, MIT's strongest showings apart from in engineering are in computer science, the natural sciences, business,
economics, linguistics, mathematics, and, to a lesser extent, political science and philosoph


III-PROOF OF CONCEPT
======================

Parent Directory Information Disclosure
______________________________________

http://www.mit.edu/afs/sipb/user/

http://www.mit.edu/afs/athena.mit.edu/

http://www.mit.edu/afs/

http://www.mit.edu/afs/sipb/admin/office/

http://www.mit.edu/afs/sipb/system/

http://www.mit.edu/afs/net/dev/tools/

http://www.mit.edu/afs/sipb.mit.edu/admin/cia/


IV. CREDITS
-------------------------

This vulnerabilities has been discovered
by Juan Carlos García(@secnight)


V. LEGAL NOTICES
-------------------------

The Author accepts no responsibility for any damage
caused by the use or misuse of this information.

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

MIT Massachusetts Institute of Technology Parent Directory Information Disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.