[20413] in bugtraq
Advisory for Netcruiser
daemon@ATHENA.MIT.EDU (neme-dhc@HUSHMAIL.COM)
Tue Apr 24 18:21:57 2001
Mime-version: 1.0
Content-type: multipart/mixed;
boundary="Hushpart_boundary_dYBlGuXkiCsVSSTPyIOvheXWuBPDCLYT"
Message-ID: <200104241515.IAA05765@user7.hushmail.com>
Date: Tue, 24 Apr 2001 08:13:55 -0500
Reply-To: neme-dhc@HUSHMAIL.COM
From: neme-dhc@HUSHMAIL.COM
To: BUGTRAQ@SECURITYFOCUS.COM
--Hushpart_boundary_dYBlGuXkiCsVSSTPyIOvheXWuBPDCLYT
Content-type: text/plain
[ Advisory for NetCruiser 0.1.2.8 ]
[ Netcruiser is made by Netcuiser Software ]
[ Site: http://www.netcruiser-software.com ]
[ by nemesystm of the DHC ]
[ (http://dhcorp.cjb.net - neme-dhc@hushmail.com) ]
[ ADV-0110 ]
/-|=[explanation]=|-\
Netcruiser is a webserver. It has a simple path
revealance bug.
/-|=[who is vulnerable]=|-\
Anyone running NetCruiser 0.1.2.8 and prior.
/-|=[testing it]=|-\
To test this vulnerability, try the following.
www.server.com/con
www.server.com/com2
www.server.com/com3
Other device names do not exhibit this type of
behaviour.
/-|=[fix]=|-\
Not known at the moment.
Free, encrypted, secure Web-based email at www.hushmail.com
--Hushpart_boundary_dYBlGuXkiCsVSSTPyIOvheXWuBPDCLYT--
