- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23148
- Проверка EDB
-
- Пройдено
- Автор
- @STAKE
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2003-0803
- Дата публикации
- 2003-09-15
Код:
source: https://www.securityfocus.com/bid/8625/info
A vulnerability has been discovered in Nokia Electronic Documentation (NED) that may allow an attacker to redirect connections to a third party system. The problem likely occurs due to the NED server failing to sufficiently verify hosts provided within specific HTTP requests. As a result, an attacker may be capable of making a request that would cause data to be redirected to a third party system.
This may allow an attacker to interact with an otherwise inaccessible system, or potentially hide the origin of attacks launched against other targets.
http://www.example.org/docs/NED?action=retrieve&location=http://www.target.com/- Источник
- www.exploit-db.com
