Intrusion Prevention

ZeroShell.Admin.File.Information.Disclosure

Description

This indicates an attack attempt against an Information Disclosure vulnerability in ZeroShell.
The vulnerability is due to a insufficient validation of user supplied input when handling a crafted request. A remote attacker can exploit this to gain unauthorized access to sensitive information, via a crafted request.

Affected Products

ZeroShell 2.0 RC2 and prior

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.zeroshell.org/download/