Turbo Seek < 1.7.2 tseekdir.cgi location Parameter Information Disclosure
Medium Nessus Network Monitor Plugin ID 2280
SynopsisThe remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.
DescriptionThe remote host is running FocalMedia Turbo Seek, a web-based search Application for Unix. It is reported that Turbo Seek is prone to an information disclosure issue. An attacker may craft a malicious request for the tseekdir.cgi script and be served with the content of any file readable by the web server process.
SolutionUpgrade to version 1.7.2 or higher.