Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Turbo Seek < 1.7.2 tseekdir.cgi location Parameter Information Disclosure

Medium

Synopsis

The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.

Description

The remote host is running FocalMedia Turbo Seek, a web-based search Application for Unix. It is reported that Turbo Seek is prone to an information disclosure issue. An attacker may craft a malicious request for the tseekdir.cgi script and be served with the content of any file readable by the web server process.

Solution

Upgrade to version 1.7.2 or higher.