Stronghold Secure Server Path Information Disclosure Vulnerability

Stronghold Secure Server Path Information Disclosure Vulnerability

Redhat Stronghold Secure Web Server is a web server based on the Apache source.

It has been reported that Stronghold Server may disclose path information to a remote user.

The vulnerability exists in SWISH. SWISH is bundled with Stronghold Server. An attacker is able to send a request that will cause SWISH to disclose the location of the web root path. In some cases, SWISH may disclose system specific information.