
Go Express Search runs an HTTP server on port 1234 with no authentication

Vulnerability

    Go Express Search

Affected

    Go Express Search

Description

    Disney's Go Express Search operates an HTTP server on port 1234
    without authentication. Remote users can submit search queries,
    and view queries and personal links left by other users. It's
    possible to access the configuration interface, which can reveal
    the e-mail address of the user who registered it. Configuration
    settings can be changed remotely to, for instance, add, remove or
    alter personal links.
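    A local check for the exposure described above, as an added example
    that is not part of the original advisory: it reads Windows
    `netstat -an` output and reports whether anything on the machine is
    listening on port 1234 on a non-loopback address. The function names
    and the sample output are constructed for illustration.

```python
import re

GES_PORT = 1234  # port named in the advisory

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1234           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1234         127.0.0.1:1050         ESTABLISHED
  TCP    192.168.1.20:12345     0.0.0.0:0              LISTENING
  TCP    [::1]:1234             [::]:0                 LISTENING
"""

# Local address, local port, foreign address, then the LISTENING state.
LINE_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s*$", re.I)


def is_loopback(addr):
    """True for 127.0.0.0/8 and ::1, which other hosts cannot reach."""
    addr = addr.strip("[]")
    return addr == "::1" or addr.startswith("127.")


def audit_listeners(netstat_text, port=GES_PORT):
    """Return (address, verdict) for every TCP listener on `port`."""
    findings = []
    for line in netstat_text.splitlines():
        m = LINE_RE.match(line)
        if not m or int(m.group(2)) != port:
            continue  # not a listener, or a different port (e.g. 12345)
        addr = m.group(1)
        # A host firewall may still block a non-loopback bind; this only
        # reports what the socket itself accepts.
        verdict = "local-only" if is_loopback(addr) else "network-reachable"
        findings.append((addr, verdict))
    return findings


def exposed(netstat_text, port=GES_PORT):
    """True if any listener on `port` accepts connections from other hosts."""
    return any(v == "network-reachable" for _, v in audit_listeners(netstat_text, port))


if __name__ == "__main__":
    for addr, verdict in audit_listeners(SAMPLE_NETSTAT):
        print(f"port {GES_PORT} listening on {addr}: {verdict}")
```

    With no fix available, a "network-reachable" result means the port
    has to be blocked at the host or perimeter firewall, or the program
    stopped.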

Solution

    Nothing yet.
