Oracle Reports Server 6.0.8/9.0.2 - Information Disclosure
| EKU-ID: 27132 | CVE: CVE-2002-1089;OSVDB-6695 | OSVDB-ID: |
| Author: skp | Published: 2002-07-18 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27132 | CVE: CVE-2002-1089;OSVDB-6695 | OSVDB-ID: |
| Author: skp | Published: 2002-07-18 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/5262/info A problem with Reports Server could make it possible to gain sensitive information from the server. Under some circumstances, Reports Server may yield sensitive information to unauthenticated remote users. This information may include the system path, software installed on the vulnerable system, and other information that may be used as points of entry. http://some.site.com/cgi-bin/rwcgi60 http://some.site.com/cgi-bin/rwcgi60/showenv