12Planet Chat Server Error Message Path Disclosure

medium Nessus Plugin ID 11592

Language:

Synopsis

The remote web server contains a Java application that is affected by an information disclosure vulnerability.

Description

The remote host is running 12Planet Chat Server - a web-based chat server written in Java.

There is a flaw in this version which allows an attacker to obtain the physical path of the installation by sending a malformed request to this service.

Knowing this information will help an attacker to make more focused attacks.

Solution

The solution is unknown.

Plugin Details

Severity: Medium

ID: 11592

File Name: 12planet_chat_server_path_disclosure.nasl

Version: 1.20

Type: remote

Family: Web Servers

Published: 5/7/2003

Updated: 8/8/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

BID: 7355

Detections

Analytics