10 lines
No EOL
614 B
Text
10 lines
No EOL
614 B
Text
source: https://www.securityfocus.com/bid/8515/info
|
|
|
|
A vulnerability has been discovered in SAP Internet Transaction Server (SITS)that could allow an attacker to obtain sensitive information. The problem occurs due to SITS disclosing sensitive local filesystem information when handling malformed requests. Specifically, an attacker who submits a request containing invalid values will receive an error response message in return. This response may contain sensitive information.
|
|
|
|
http://www.server.name/scripts/wgate/pbw2/!?
|
|
|
|
with params:
|
|
~runtimemode=DM&
|
|
~language=en&
|
|
~theme=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx& |