Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> CGI abuses >> BroadVision Physical Path Disclosure Vulnerability


Vulnerability Assessment Details

BroadVision Physical Path Disclosure Vulnerability

Vulnerability Assessment Summary
Tests for BroadVision Physical Path Disclosure Vulnerability

Detailed Explanation for this Vulnerability Assessment

BroadVision will reveal the physical path of the
webroot when asked for a non-existent .jsp file
if it is incorrectly configured. Whilst printing errors
to the output is useful for debugging applications, this
feature should not be enabled on production servers.

Solution : There was no solution ready when this vulnerability was written

Please contact the vendor for updates that address this vulnerability.

Network Security Threat Level: Low

Networks Security ID: 2088

Vulnerability Assessment Copyright: This script is Copyright (C) 2001 Renaud Deraison

Cables, Connectors

Vintage Digital Equipment Corp. DEC Rainbow CPM V2 Operating System, 5.25" Disc
$50.0
Vintage Digital Equipment Corp. DEC Rainbow CPM V2 Operating System, 5.25Vintage Digital DEC 874-A Power Controller for H9642 Cabinet BA23 RL02 pdp11 VAX
$74.95
Vintage Digital DEC 874-A Power Controller for H9642 Cabinet BA23 RL02 pdp11 VAX pictureVintage Digital DEC 871-C Power Controller for H9642 Cabinet BA23 RL02 pdp11 VAX
$99.95
Vintage Digital DEC 871-C Power Controller for H9642 Cabinet BA23 RL02 pdp11 VAX pictureSet Vintage Digital DEC 74-27555-01 8 Slot QBus Card Guides, BA23 Micro pdp 11
$99.95
Set Vintage Digital DEC 74-27555-01 8 Slot QBus Card Guides, BA23 Micro pdp 11 picture


Discussions

No Discussions have been posted on this vulnerability.