| To: | bugtraq@securityfocus.com |
|---|---|
| Subject: | ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user |
| From: | yearsilent@yahoo.com |
| Date: | 22 Mar 2007 09:56:35 -0000 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | bugtraq-list@securepoint.com |
| Delivered-to: | mailing list bugtraq@securityfocus.com |
| Delivered-to: | moderator for bugtraq@securityfocus.com |
| List-help: | <mailto:bugtraq-help@securityfocus.com> |
| List-id: | <bugtraq.list-id.securityfocus.com> |
| List-post: | <mailto:bugtraq@securityfocus.com> |
| List-subscribe: | <mailto:bugtraq-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:bugtraq-unsubscribe@securityfocus.com> |
| Mailing-list: | contact bugtraq-help@securityfocus.com; run by ezmlm |
"ManageEngine Firewall Analyzer is a web based firewall monitoring and log analysis tool that collects, analyses, and reports information on enterprise-wide firewalls, proxy servers, and radius servers. " a authorized user to the "firewall analyzer" can access any common file on the system, it is should not be allowded |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | rPSA-2007-0059-1 file, rPath Update Announcements |
|---|---|
| Next by Date: | Remote File Include In copyright © James Coyle; JCcorp, RaeD Hasadya |
| Previous by Thread: | rPSA-2007-0059-1 file, rPath Update Announcements |
| Next by Thread: | Re: ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user, support |
| Indexes: | [Date] [Thread] [Top] [All Lists] |