| VID |
21739 |
| Severity |
20 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Movable Type software discloses sensitive information by accessing the mt.cfg file. Movable Type is a weblog publishing software written in Perl. By accessing the mt.cfg file, a remote attacker could obtain sensitive information, such as values of configuration options. This information might help a remote attacker to launch further attacks against the affected system.
* Platforms Affected:
Movable Type Any version
Any operating system Any version |
| Recommendation |
Configure the affected Web server not to serve .cfg files. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
