12 lines
No EOL
604 B
Text
12 lines
No EOL
604 B
Text
source: http://www.securityfocus.com/bid/7105/info
|
|
|
|
Thunderstone TEXIS is prone to an information-disclosure vulnerability.
|
|
|
|
Under certain circumstances, an attacker may pass command-line switches as URI parameters to the TEXIS executable. This action may cause the vulnerable server to return sensitive information in the form of a webpage to the attacker's browser.
|
|
|
|
Information obtained may be used in further attacks against the system.
|
|
|
|
Versions prior to Texis 4.02.1047934696 20030317 are vulnerable.
|
|
|
|
http://www.example.com/texis.exe/?-version
|
|
http://www.example.com/texis.exe/?-dump |