It was possible to read the content of /EXT.INI (BadBlue configuration file) by sending an invalid GET request. A cracker may exploit this vulnerability to steal the passwords.
upgrade your software or protect it with a filtering reverse proxy
- IBM WebSphere Application Server JSF Application Information Disclosure Vulnerability
- Herberlin Bremsserver Directory Traversal Vulnerability
- LiteSpeed Web Server Source Code Information Disclosure Vulnerability
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 01 - March 2011
- IOServer Trailing Backslash Multiple Directory Traversal Vulnerabilities