[34048] in bugtraq
Re: Invision Power Board 1.3 Final Path Disclosure Vulnerability
daemon@ATHENA.MIT.EDU (JeiAr)
Fri Mar 5 14:58:27 2004
Date: 5 Mar 2004 17:18:26 -0000
Message-ID: <20040305171826.24005.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: JeiAr <security@gulftech.org>
To: bugtraq@securityfocus.com
In-Reply-To: <20040305130832.64623.qmail@web25104.mail.ukl.yahoo.com>
This "vulnerability" was actually reported by GulfTech Security on March 2nd
http://www.gulftech.org/03022004.php
and posted on the governmentsecurity.org message board March 3rd
http://www.governmentsecurity.org/forum/index.php?showtopic=7008
>~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
>
>Product: Invision Power Board
> http://www.invisionboard.com
>Versions: 1.3 Final (and probably lower)
>Bug: Disclosure of install path
>Impact: Attacker learns the local install
> path of Invision Power Board and the
> htdocs
>Date: March 05, 2004
>Author: Shaun Colley
> Email: shaunige@yahoo.co.uk
> WWW: http://www.nettwerked.co.uk
>
>~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
>
