Short Name |
APP:IPSO-FILE-VIEW |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Nokia IPSO File Access |
Release Date |
2003/07/01 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in "Voyager", a Web GUI included with Nokia IP-boxes. IPSO 3.6-FCS6 and other versions are vulnerable. Attackers can use Voyager to instruct a CGI script to view the contents of arbitrary files on the system.
It has been reported that Nokia IPSO does not properly handle some types of requests through Voyager. Because of this, an attacker with access to the interface may be able to view potentially sensitive information.