header-logo
Suggest Exploit
vendor:
Sambar Server
by:
SecurityFocus
3.3
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: Sambar Server
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Information Disclosure Vulnerability in Sambar Server

An information disclosure vulnerability has been reported for Sambar Server. The vulnerability exists in some files existing in Sambar Server's cgi-bin directory. An attacker can exploit this vulnerability by making a request for these files. This will result in Sambar Server returning potentially sensitive information. An attacker can use the information obtained in this manner to launch further attacks against a vulnerable host.

Mitigation:

Restrict access to the cgi-bin directory and the files contained within it.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7207/info

An information disclosure vulnerability has been reported for Sambar Server. The vulnerability exists in some files existing in Sambar Server's cgi-bin directory.

An attacker can exploit this vulnerability by making a request for these files. This will result in Sambar Server returning potentially sensitive information.

An attacker can use the information obtained in this manner to launch further attacks against a vulnerable host. 

http://[target]/cgi-bin/environ.pl
http://[target]/cgi-bin/testcgi.exe

Navigation

Suggest Exploit

Services By CQR