|
Family: CGI abuses --> Category: attack
VChat information disclosure Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of vchat/msg.txt
Detailed Explanation for this Vulnerability Test
It is possible to retrieve the log of all the chat sessions
that have occured on the remote vchat server by requesting
the file vchat/msg.txt
A possible hacker may use this flaw to read past chat sessions and
possibly harass its participants.
In addition to this, another flaw in the same product may allow a possible hacker
to consume all the resources of the remote host by sending a long
message to this module.
Solution : None at this time. Add a .htaccess file to prevent a possible hacker
from obtaining this file
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|