Signature Detail
Short Name |
HTTP:INFO-LEAK:WFCHAT |
|---|---|
Severity |
Low |
Recommended |
No |
Category |
HTTP |
Release Date |
2005/01/07 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: WFChat Information Disclosure
This signature detects attempts to access the files "!pwds.txt" or "!nicks.txt" on a WF-Chat server. Because access to these files is not restricted, attackers can obtain usernames and their associated passwords for the chat.
Extended Description
An information disclosure vulnerability has been reported for WFChat. The vulnerability will result in the disclosure of authentication information to a remote attacker. Information obtained in this manner may allow the attacker to launch further attacks against a vulnerable system.
Affected Products
- WFChat 1.0.0 d
References
- BugTraq: 7147