HTTP: Bannermatic Information Disclosure
This signature detects attempts to access several files contained in the Bannermatic software suite. The files ban.log, ban.bak, ban.dat and banmat.pwd contain sensitive data.
Extended Description
Bannermatic is a banner ad rotation system maintained by Joe DePasquale of GetCruising. Bannermatic is subject to an information disclosure issue. Reportedly, ban.log, ban.bak, ban.dat and banmat.pwd are world readable and all contain sensitive data. Obtaining the information contained within either file, could result in the attacker launching further attacks against the host.
Affected Products
Joe_depasquale bannermatic
Short Name
HTTP:INFO-LEAK:BANNERMATIC
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Bannermatic CVE-2002-2342 Disclosure Information bid:4738
Release Date
08/02/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Joe_depasquale
CVSS Score
5.0