NetOp Host before 7.65 build 2004278 allows remote attackers to obtain sensitive hostname, username and local IP address information via (1) a NetOp HELO request, or (2) when responses are disabled, a custom HELO request.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Netop | Danware_data | 6.0 (including) | 6.0 (including) |
| Netop | Danware_data | 6.50 (including) | 6.50 (including) |
| Netop | Danware_data | 7.0.1_build2002-01-29 (including) | 7.0.1_build2002-01-29 (including) |
| Netop | Danware_data | 7.50_build2003-08-04 (including) | 7.50_build2003-08-04 (including) |
| Netop | Danware_data | 7.60_build2003-06-24 (including) | 7.60_build2003-06-24 (including) |
References
- http://msgs.securepoint.com/cgi-bin/get/bugtraq0411/213.html
- http://www.corsaire.com/advisories/c040619-001.txt
- http://www.securityfocus.com/bid/11710
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18171
- http://msgs.securepoint.com/cgi-bin/get/bugtraq0411/213.html
- http://www.corsaire.com/advisories/c040619-001.txt
- http://www.securityfocus.com/bid/11710
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18171