Short Name |
HTTP:INFO-LEAK:WFCHAT |
---|---|
Severity |
Warning |
Recommended |
No |
Category |
HTTP |
Keywords |
WFChat Information Disclosure |
Release Date |
2005/01/07 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to access the files "!pwds.txt" or "!nicks.txt" on a WF-Chat server. Because access to these files is not restricted, attackers can obtain usernames and their associated passwords for the chat.
An information disclosure vulnerability has been reported for WFChat. The vulnerability will result in the disclosure of authentication information to a remote attacker. Information obtained in this manner may allow the attacker to launch further attacks against a vulnerable system.