Short Name |
HTTP:DOURAN-ARB-FILE-DL |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Douran Portal 'download.aspx' Arbitrary File Download Vulnerability |
Release Date |
2011/03/23 |
Update Number |
1887 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Douran Portal. Version 3.9.7.8 is vulnerable. A successful attack can allow an attacker to view arbitrary files within the context of the application.
Douran Portal is prone to a vulnerability that lets attackers download arbitrary files. This issue occurs because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the context of the application. Information harvested may aid in launching further attacks. Douran Portal 3.9.7.8 is affected; other versions may also be vulnerable.