Vulnerabilities > CVE-2005-4700 - Information Disclosure vulnerability in Tellme 1.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
TellMe 1.2 and earlier, when the Server (o_Server) and HEAD (o_Head) options are enabled, allows remote attackers to obtain sensitive information via an invalid q_Host parameter, which reveals the full pathname of the application in an fsockopen error message.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |