Citrix NFuse 1.6

From: Tom.Lyneat_private
Date: Tue Jan 22 2002 - 07:57:56 PST

Next message: Andrew Wason: "Re: Cross-Site Vulnerabilities (Still) Found in Major Web Sites"

Previous message: Andrew Griffiths: "Re: Maelstrom file overwrite"
Next in thread: Jeff Mills: "RE: Citrix NFuse 1.6"
Reply: Jeff Mills: "RE: Citrix NFuse 1.6"
Reply: steven.sporenat_private: "RE: Citrix NFuse 1.6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear Reader,

      It seems if you go to an NFuse servers 'applist.asp' page without
first authenticating it reveals a list of all the applications that are
configured as published applications. Seems like an easily preventable
information leak from a default setup,

Rgds,
Tom Lyne

Next message: Andrew Wason: "Re: Cross-Site Vulnerabilities (Still) Found in Major Web Sites"
Previous message: Andrew Griffiths: "Re: Maelstrom file overwrite"
Next in thread: Jeff Mills: "RE: Citrix NFuse 1.6"
Reply: Jeff Mills: "RE: Citrix NFuse 1.6"
Reply: steven.sporenat_private: "RE: Citrix NFuse 1.6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jan 22 2002 - 12:43:18 PST