Information Disclosure in Gattaca Server 2003 1.1.10.0

Information Disclosure in Gattaca Server 2003 1.1.10.0

CVE-2004-2518 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensitive information via (1) a trailing null byte ("%00") to a URL or (2) an invalid LANGUAGE parameter to web.tmpl, which reveals the full installation path in an error message.

Learn more about our Web App Pen Testing.