| VID |
22277 |
| Severity |
20 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The 4D WebSTAR server has a Remote Information Disclosure Vulnerability.
4D WebSTAR Server is a software product that provides Web, FTP, and Mail services for Mac OS X. 4D WebSTAR 5.3.2 and earlier could allow a remote attacker to obtain sensitive information, caused by a failure of the application to properly validate user-supplied requests. A remote attacker could use this vulnerability to view 'php.ini' files that contains sensitive PHP configuration details. It may be used to carry out further attacks against the affected system.
* References:
http://www.securityfocus.com/archive/1/368778
* Platforms Affected:
4D WebSTAR V 5.3.2 and earlier
Apple Mac OS 10.3.3 and earlier |
| Recommendation |
Upgrade to the latest version of 4D WebSTAR Server (5.3.3 or later), available from the WebSTAR FTP site at ftp://ftp.4d.com/products/WebSTAR/Current/4D_WebSTAR_V/ |
| Related URL |
CVE-2004-0697 (CVE) |
| Related URL |
10721 (SecurityFocus) |
| Related URL |
16688 (ISS) |
|
