Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2002-08-12 CVE-2002-0419 Information Exposure vulnerability in Microsoft products
Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the realm for Basic authentication, which could reveal real IP addresses that were obscured by NAT, or (3) when NTLM authentication is used, the NetBIOS name of the server and its Windows NT domain are revealed in response to an Authorization request.
network
low complexity
microsoft CWE-200
5.0
2002-06-18 CVE-2002-0596 Information Exposure vulnerability in Webtrends Reporting Center 4.0D
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an error message.
network
low complexity
webtrends CWE-200
5.0
2001-03-12 CVE-2000-0368 Information Exposure vulnerability in Cisco IOS
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
local
low complexity
cisco CWE-200
2.1
2000-11-14 CVE-2000-0876 Information Exposure vulnerability in Texas Imperial Software Wftpd and Wftpd PRO
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via a "%C" command, which generates an error message that includes the pathname.
network
low complexity
texas-imperial-software CWE-200
5.0
2000-07-13 CVE-2000-0649 Information Exposure vulnerability in Microsoft products
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
network
high complexity
microsoft CWE-200
2.6
2000-06-26 CVE-2000-0588 Information Exposure vulnerability in Sawmill 5.0.21
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.
network
low complexity
sawmill CWE-200
5.0
2000-01-31 CVE-2000-0132 Information Exposure vulnerability in Microsoft Virtual Machine 2000/3000
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.
network
high complexity
microsoft CWE-200
2.6
1999-12-31 CVE-1999-1462 Information Exposure vulnerability in BB4 BIG Brother 1.09B/1.09C
Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrary files.
network
low complexity
bb4 CWE-200
5.0
1999-04-01 CVE-1999-0606 Information Exposure vulnerability in Seaside Enterprises Ezmall 2000
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information.
network
low complexity
seaside-enterprises CWE-200
5.0
1999-04-01 CVE-1999-0605 Information Exposure vulnerability in Austin Contract Computing Merchant Order Form 1.0/1.2
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information.
network
low complexity
austin-contract-computing CWE-200
5.0