|
Family: CGI abuses --> Category: attack
SimpleChat information disclosure Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of data/usr
Detailed Explanation for this Vulnerability Test
It is possible to retrieve list of users currently connected to
the remote SimpleChat server by requesting the file data/usr.
A possible hacker may use this flaw to obtain the IP address of every
user currently connected and possibly harass them directly.
Solution : None at this time. Add a .htaccess file to prevent a possible hacker
from obtaining this file
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|