header-logo
Suggest Exploit
vendor:
Gattaca Server 2003
by:
5.5
CVSS
MEDIUM
Path Disclosure
200
CWE
Product Name: Gattaca Server 2003
Affected Version From: 1.1.10.0
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Multiple Path Disclosure Vulnerabilities in Gattaca Server 2003

By sending HTTP requests to Gattaca's web server, it is reportedly possible to cause the application to return error pages that contain the full installation path of the application and the web document root path. These vulnerabilities could be used by an attacker to aid them in further attacks against the server.

Mitigation:

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10729/info
 
It is reported that Gattaca Server 2003 contains multiple path disclosure vulnerabilities.
 
By sending HTTP requests to Gattaca's web server, it is reportedly possible to cause the application to return error pages that contain the full installation path of the application and the web document root path.
 
These vulnerabilities could be used by an attacker to aid them in further attacks against the server.
 
Version 1.1.10.0 is reported vulnerable. Prior versions may also contain these vulnerabilities as well. 

http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=[whatever]

Navigation

Suggest Exploit

Services By CQR