HTTP: WFChat Information Disclosure
This signature detects attempts to access the files "!pwds.txt" or "!nicks.txt" on a WF-Chat server. Because access to these files is not restricted, attackers can obtain usernames and their associated passwords for the chat.
Extended Description
An information disclosure vulnerability has been reported for WFChat. The vulnerability will result in the disclosure of authentication information to a remote attacker. Information obtained in this manner may allow the attacker to launch further attacks against a vulnerable system.
Affected Products
Wfchat wfchat
References
BugTraq: 7147
Short Name
HTTP:INFO-LEAK:WFCHAT
Severity
Warning
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Disclosure Information WFChat bid:7147
Release Date
01/08/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Wfchat