Xcache Path Disclosure Vulnerability

Xcache is a dynamic content caching application which runs in conjunction with Microsoft Internet Information Server. Xcache allows for individual pages or entire folders to have caching disabled if necessary.

When a request is made for a page or a page within a folder that is not cached, Xcache returns the full path to the page within the HTTP header information. This path information will be returned regardless of where the page resides on the server.

This information could potentially be used by an attacker to mount an attack upon the target webserver.


Privacy Statement
Copyright 2010, SecurityFocus