Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Servers :: web4976.htm

AOLserver Unauthorized File Disclosure Vulnerability



7th Jan 2002 [SBWID-4976]
COMMAND

	AOLserver Unauthorized File Disclosure Vulnerability

SYSTEMS AFFECTED

	AOLserver 3.4.2

PROBLEM

	Tamer Sahin [http://www.securityoffice.net] posted :
	

	Due to a flaw in AOLserver 3.4.2 for Windows, it is possible for a  user
	to gain read access of known password  protected  files  residing  on  a
	AOLserver host.
	

	http://host/passwordprotected.file.

	

	Example:

	http://host/nstelemetry.adp.

	

SOLUTION

	Update available ??


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH