F-Secure Policy Manager 5.11 - 'FSMSH.dll' CGI Application Installation Full Path Disclosure
| EKU-ID: 30184 | CVE: CVE-2004-1223;OSVDB-12289 | OSVDB-ID: |
| Author: oliver@greyhat.de | Published: 2004-12-09 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30184 | CVE: CVE-2004-1223;OSVDB-12289 | OSVDB-ID: |
| Author: oliver@greyhat.de | Published: 2004-12-09 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/11869/info F-Secure Policy Manager includes a CGI application named 'fsmsh.dll'. By supplying unexpected input as an argument to the 'fsmsh.dll' application the vulnerable software will return an error message that includes the installation path of the software. /fsms/fsmsh.dll?