Intrusion Prevention



This indicates an attack attempt against an Information Disclosure vulnerability in ZeroShell.
The vulnerability is due to a insufficient validation of user supplied input when handling a crafted request. A remote attacker can exploit this to gain unauthorized access to sensitive information, via a crafted request.

Affected Products

ZeroShell 2.0 RC2 and prior


Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.