Perception LiteServe Script Source Code Disclosure Vulnerability

Perception LiteServe is a commercial e-mail, web, and FTP server for Microsoft Windows.

Perception LiteServe's webserver is subject to a vulnerability which will display the source code for arbitrary CGI scripts to remote attackers. This is accomplished by crafting a URL containing a path to the targeted CGI script using the MS-DOS naming convention for 'cgi-bin' or other directories on the webserver which store scripts.

The displayed script source code may disclose sensitive information, which can be used to mount further attacks against the host.


 

Privacy Statement
Copyright 2010, SecurityFocus