• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

LXR Cross-Referencer Arbitrary File Disclosure Vulnerability

It has been reported that LXR Cross-Referencer does not sufficiently sanitize user-supplied input submitted via URI parameters.

Allegedly, the exploitation of this vulnerability may result in the disclosure of arbitrary web server readable files.

Successful exploitation may permit the attacker to gain access to sensitive information that may aid in mounting further attacks against the system hosting the software.