|
Family: Remote file access --> Category: attack
3com RAS 1500 configuration disclosure Vulnerability Scan
Vulnerability Scan Summary Obtains the remote user_settings.cfg
Detailed Explanation for this Vulnerability Test
The remote 3com SuperStack II Remote Access System 1500 discloses
its user configuration (user_settings.cfg) when the file is
requested through the web interface.
This file contains the password (in clear text) of this device
as well as other sensitive information.
A possible hacker may use this flaw to gain the control of this host
Solution : filter incoming traffic to this host
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|