Vulnerabilities > CVE-2004-2518 - Unspecified vulnerability in Geeos Team Gattaca Server 2003 1.1.10.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
geeos-team
exploit available
NVD
Published: 2004-12-31
Updated: 2024-11-20

Summary

Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensitive information via (1) a trailing null byte ("%00") to a URL or (2) an invalid LANGUAGE parameter to web.tmpl, which reveals the full installation path in an error message.

Vulnerable Configurations

Part Description Count
OS
Geeos_Team
1

Exploit-Db

  • descriptionGattaca Server 2003 Null Byte Path Disclosure. CVE-2004-2518. Webapps exploit for cgi platform
    idEDB-ID:24284
    last seen2016-02-02
    modified2004-07-15
    published2004-07-15
    reporterdr_insane
    sourcehttps://www.exploit-db.com/download/24284/
    titleGattaca Server 2003 Null Byte Path Disclosure
  • descriptionGattaca Server 2003 Language Variable Path Exposure. CVE-2004-2518. Webapps exploit for cgi platform
    idEDB-ID:24285
    last seen2016-02-02
    modified2004-07-15
    published2004-07-15
    reporterdr_insane
    sourcehttps://www.exploit-db.com/download/24285/
    titleGattaca Server 2003 Language Variable Path Exposure

References