Home page logo

bugtraq logo Bugtraq mailing list archives

Re: @(#)Mordred Labs advisory - Texis sensitive information leak
From: "Kurt Seifried" <kurt () seifried org>
Date: Fri, 14 Mar 2003 20:51:59 -0800

//@(#) Mordred Security Labs advisory

Release date: March 15, 2003
Name: Texis sensitive information leak
Versions affected: all versions
Risk: average
Author: Sir Mordred (mordred () s-mail com, http://mslabs.iwebland.com)

III. Exploit:


Please note that simply blocking URL's ending in "?-dump" and "?-version"
won't work. You can append a space and additional text, such as:


I didn't bother to test any other special characters or encoding (i.e.
UNICODE), I suspect there may be other ones that can be used.

Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]