ID CVE-2002-0266
Summary Thunderstone Texis CGI script allows remote attackers to obtain the full path of the web root via a request for a nonexistent file, which generates an error message that includes the full pathname.
References
Vulnerable Configurations
  • cpe:2.3:a:thunderstone_software:texis:3.0
    cpe:2.3:a:thunderstone_software:texis:3.0
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
exploit-db via4
description Thunderstone TEXIS 3.0 Path Disclosure Vulnerability. CVE-2002-0266 . Remote exploits for multiple platform
id EDB-ID:21276
last seen 2016-02-02
modified 2002-02-06
published 2002-02-06
reporter phinegeek
source https://www.exploit-db.com/download/21276/
title Thunderstone TEXIS 3.0 Path Disclosure Vulnerability
nessus via4
  • NASL family CGI abuses
    NASL id TEXIS_PATH_DISCLOSURE.NASL
    description The Thunderstone Software TEXIS application running on the remote host is affected by an information disclosure vulnerability that allows an unauthenticated, remote attacker to obtain the full path of the web root directory by making a specially crafted request for a nonexistent file.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 11401
    published 2003-03-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=11401
    title Thunderstone Software TEXIS Nonexistent File Request Path Disclosure
  • NASL family Web Servers
    NASL id 404_PATH_DISCLOSURE.NASL
    description The remote web server reveals the physical path of the webroot when a nonexistent page is requested. While printing errors to the output is useful for debugging applications, this feature should be disabled on production servers.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 11714
    published 2003-06-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=11714
    title Nonexistent Page (404) Physical Path Disclosure
refmap via4
bid 4035
bugtraq
  • 20020206 texis(CGI) Path Disclosure Vulnerability
  • 20020211 Re: texis(CGI) Path Disclosure Vulnerability
xf texis-cgi-information-disclosure(8103)
Last major update 17-10-2016 - 22:17
Published 29-05-2002 - 00:00
Back to Top