Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

VChat information disclosure Vulnerability Scan

Vulnerability Scan Summary
Searches for the existence of vchat/msg.txt

Detailed Explanation for this Vulnerability Test

It is possible to retrieve the log of all the chat sessions
that have occured on the remote vchat server by requesting
the file vchat/msg.txt

A possible hacker may use this flaw to read past chat sessions and
possibly harass its participants.

In addition to this, another flaw in the same product may allow a possible hacker
to consume all the resources of the remote host by sending a long
message to this module.

Solution : None at this time. Add a .htaccess file to prevent a possible hacker
from obtaining this file

Threat Level: Low

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.