|
Family: CGI abuses --> Category: infos
Crystal Report virtual directory traversal Vulnerability Scan
Vulnerability Scan Summary Crystal Report virtual directory traversal
Detailed Explanation for this Vulnerability Test
The remote host is running a version of Crystal Report Web interface
which is vulnerable to a remote directory traversal bug. A possible hacker
exploiting this bug would be able to gain access to potentially
confidential material outside of the web root. For more
information, see:
http://support.businessobjects.com/fix/hot/critical/bulletins/security_bulletin_june04.asp
If you use Crystal Reports through a Microsoft product, see also :
http://www.microsoft.com/technet/security/bulletin/MS04-017.mspx
Solution: Upgrade the software or utilize ACLs on the virtual directory
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|