Snif File Disclosure Network Vulnerability

Summary

It is possible to make the remote host return the content of any world readable file by requesting a path outside the bound HTML root directory from the Snif program. An attacker may use this flaw to view sensitive files that reside on the remote host.

Solution

Upgrade to Snif version 1.2.5 or newer

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
/doc directory browsable ?
Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability

Take action and discover your vulnerabilities