SIPS 0.2.2 - User Information Disclosure
| EKU-ID: 27864 | CVE: CVE-2003-1553;OSVDB-44056 | OSVDB-ID: |
| Author: dwcgr0up | Published: 2003-03-18 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27864 | CVE: CVE-2003-1553;OSVDB-44056 | OSVDB-ID: |
| Author: dwcgr0up | Published: 2003-03-18 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7134/info It has been reported that authentication is not required to view user account information. As a result, an unauthorized remote attacker may be able to view potentially sensitive information. This may aid in launching further attacks against a target user or system. http://www.example.com/[sips_directory]/sipssys/users/[first_letter_of_UserID]/