Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Security)  >   F-Secure Internet Gatekeeper Vendors:   F-Secure
F-Secure Internet Gatekeeper Web Console May Disclose Files to Remote Users
SecurityTracker Alert ID:  1015142
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Nov 3 2005
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 6.40, 6.41, 6.42
Description:   A vulnerability was reported in F-Secure Internet Gatekeeper. A remote user may be able to view files on the target system.

A remote user on an "allowed host" can bypass the Web Console authentication and read files on the target system.

The Web Console is configured by default to only accept connections from the localhost interface.

The vendor credits Mikko Korppi with reporting this vulnerability.

Impact:   A remote user may be able to view files on the target system.
Solution:   The vendor has issued a hotfix for the F-Secure Internet Gatekeeper 6.42:

Users of 6.40 and 6.41 should upgrade to 6.42 and apply the hotfix.

Vendor URL: (Links to External Site)
Cause:   Authentication error
Underlying OS:  Linux (Any), Windows (Any)

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, LLC