Management Console Directory Traversal Vulnerability
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inacessible which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack.
- Sun Solaris 8
- Sun Solaris 9
- Solaris Management Console (SMC)