|
CVE Reference: CVE-2004-0917
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2004-0917
|
|
Description:
The default installation of Vignette Application Portal installs the diagnostic utility without authentication requirements, which allows remote attackers to gain sensitive information, such as server and OS version, and conduct unauthorized activities via an HTTP request to /diag.
|
|
CVE Status:
Candidate
|
|
References:
XF
http://xforce.iss.net/xforce/xfdb/17530
ST
1011447
BID
11267
ATSTAKE
http://www.atstake.com/research/advisories/2004/a092804-1.txt
|
|
|
Return to the previous page.
|
