Ultraseek Server Path Disclosure Vulnerability

vendor:

Ultraseek Server

by:

SecurityFocus

7.5

CVSS

HIGH

Path Disclosure

200

CWE

Product Name: Ultraseek Server

Affected Version From: 3

Affected Version To: 3

Patch Exists: NO

Related CWE: N/A

CPE: //a:ultraseek_server:3.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

Ultraseek Server Path Disclosure Vulnerability

Due to a failure to properly validate user-supplied input, URLs submitted by a remote user of the form: http://target:8765/example/ will, if the file 'example' does not exist, return an error message which discloses sensitive path and server configuration information. As a result, it is possible for an attacker to obtain information about the server's configuration and directory structure, which could be used to support further attacks.

Mitigation:

Ensure that the Ultraseek Server is configured to only return error messages to administrative IP addresses.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2062/info

A vulnerability exists in version 3.0 of Ultrseek server (aka Inktomi Search).

Due to a failure to properly validate user-supplied input, URLs submitted by a remote user of the form:

http://target:8765/example/

will, if the file 'example' does not exist, return an error message which discloses sensitive path and server configuration information.

As a result, it is possible for an attacker to obtain information about the server's configuration and directory structure, which could be used to support further attacks.

This may be the result of a weak default configuration. Ultraseek Server returns detailed error information when requests are recieved from an administrative IP address. By default, administrative status is given to all addresses.