Summary
This web server is running a vulnerable version of Inktomi Search
Certain requests using MS-DOS special file names such as nul can cause a python error. The error message contains sensitive information such as the physical path of the webroot. This information may be useful to an attacker.
Solution
Upgrade to the latest version. This product is now developed i by Verity and is called Ultraseek
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2004-0050 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- Apache Struts Directory Traversal Vulnerability
- Apache CouchDB Cross Site Request Forgery Vulnerability
- Apache Struts2 showcase namespace XSS Vulnerability
- 11in1 Cross Site Request Forgery and Local File Include Vulnerabilities