Summary
Resin will reveal the physical path of the webroot when asked for a special DOS device, e.g. lpt9.xtp
An attacker may use this flaw to gain further knowledge about the remote filesystem layout.
Solution
Upgrade to a later software version.
Severity
Classification
-
CVE CVE-2002-2090 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Advantech WebAccess Multiple Stack Based Buffer Overflow Vulnerabilities
- Apache Continuum Cross Site Scripting Vulnerability
- Apache Tomcat Login Constraints Security Bypass Vulnerability
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- Apache CouchDB Cross Site Request Forgery Vulnerability