Inktomi Search Software 3.0 - Source Disclosure
| EKU-ID: 26024 | CVE: OSVDB-88576 | OSVDB-ID: |
| Author: china nsl | Published: 2000-12-05 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 26024 | CVE: OSVDB-88576 | OSVDB-ID: |
| Author: china nsl | Published: 2000-12-05 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/2061/info A vulnerability exists in version 3.0 of Ultrseek server (aka Inktomi Search). Due to a failure to properly validate user-supplied input, URLs submitted by a remote user of the form: http://target:8765/somefile.html/ will return the source to 'somefile.html'. As a result, it is possible for an attacker to obtain source code to any Ultraseek scripts, which could be used to support further attacks.