7 lines
No EOL
512 B
Text
7 lines
No EOL
512 B
Text
source: http://www.securityfocus.com/bid/11132/info
|
|
|
|
SAFE TEAM Regulus is reported prone to an information disclosure vulnerability. It is reported that any user may make a request for the Regulus 'staffile' file hosted on a target server. This file contains a list of Regulus 'staff' users and their corresponding password hashes.
|
|
|
|
An attacker may employ data that is obtained in this manner to aid in further attacks launched against the vulnerable software.
|
|
|
|
http://example.com/base-dir/access/stafffile |