11 lines
No EOL
611 B
Text
11 lines
No EOL
611 B
Text
source: http://www.securityfocus.com/bid/11134/info
|
|
|
|
Regulus is reported prone to an information disclosure vulnerability. It is reported that it is possible to view a target users connection statistics without requiring valid credentials.
|
|
|
|
An attacker may employ data that is obtained in this manner to aid in further attacks launched against the vulnerable software.
|
|
|
|
This vulnerability is reported to affect all versions of SAFE TEAM Regulus.
|
|
|
|
http://example.com/base-dir/htmlcust/custchoice.php?lang=English&userid=<name>&action=To see your connections logs
|
|
|
|
Where '<name>' is the target username. |