Air Messenger LAN Server Path Disclosure Vulnerability

Air Messenger LAN Server for Microsoft Windows allows users to exchange phone, pager and email messages through a Web gateway.

The path to sensitive files used by AMLServer can be easily obtained by any remote user, simply by examining the webserver's http-header 'Location' field.

This information may assist in further attacks against the host (see BIDS 2882 and 2883).


Privacy Statement
Copyright 2010, SecurityFocus