|
|
|
![]() |
Vulnerability Note VU#124059GoAhead Webserver information disclosure vulnerabilityOverviewThe GoAhead web server contains an information disclosure vulnerability that may allow an attacker to bypass authentication and view system configuration files or passwords. This issue was previously published under VU#975041.I. DescriptionThe GoAhead web server contains an information disclosure vulnerability. By sending the web interface a specially crafted URL, an attacker may be able to bypass authentication and view arbitrary system files.II. ImpactAn attacker may be able to view any file on the web server, including files that contain usernames and passwords.III. SolutionThe GoAhead webserver is not being actively maintained. Vendors who redistribute the GoAhead webserver may release updates to address this issue. See the systems affected section below for more information.Limit network access
References
Thanks to Daniel Peck of Digital Bond, Inc. for reporting this issue. This document was written by Ryan Giobbi.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||