QwikSec

Security Database

CVE

CWE

Training

CVE-2005-2815

Published: Sep 7, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php, such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

flatnuke-msdos-news-path-disclosure(22153)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_SECTRACK

20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative & users credentials disclosure

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.