PT-2007-7336 · Hosting Controller · Hosting Controller

Published: 2007-12-20 · Updated: 2018-10-15 · CVE-2007-6502

CVSS v2.0: 5.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions: Hosting Controller versions 6.1 Hot fix 3.3 and earlier
Description: The issue allows remote authenticated users to obtain sensitive information. Supplying the AdminName and AdminLevel parameters to the "fp2000/NEWSRVR.asp" endpoint discloses usernames. Additionally, certain XML HTTP requests to the "hosting/css.asp" endpoint made with the Microsoft.XMLHTTP or MSXML2.XMLHTTP objects return the setup directory pathname in the HTML source. Remote attackers may also obtain sensitive information by requesting the "/admin/forum/" endpoint, which reveals the installation path in the error message shown when a forum is not found.
Recommendations: For Hosting Controller versions 6.1 Hot fix 3.3 and earlier, consider restricting access to the "fp2000/NEWSRVR.asp" and "hosting/css.asp" endpoints until a patch is available. As a temporary workaround, avoid using the AdminName and AdminLevel parameters of the "fp2000/NEWSRVR.asp" endpoint. Also, restrict access to the "/admin/forum/" endpoint to minimize the risk of exploitation.
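Until access to those endpoints is restricted, a defender can at least watch the web-server logs for requests that touch them. The script below is an added example, not part of this advisory or of Hosting Controller: it assumes an IIS W3C-style log layout (date, time, client IP, method, URI stem, URI query, status) and uses constructed sample lines.

```python
"""Flag log entries that hit the Hosting Controller endpoints named in this
advisory: fp2000/NEWSRVR.asp with AdminName/AdminLevel, hosting/css.asp,
and /admin/forum/.  Assumed log layout: date time c-ip method stem query status."""
import re
from urllib.parse import parse_qs

# Constructed sample lines (addresses, times and paths are invented for illustration).
SAMPLE_LOG = """\
2007-12-20 10:01:02 192.0.2.10 GET /hosting/login.asp - 200
2007-12-20 10:01:09 192.0.2.10 GET /fp2000/NEWSRVR.asp AdminName=admin&AdminLevel=1 200
2007-12-20 10:02:15 192.0.2.11 GET /hosting/css.asp - 200
2007-12-20 10:03:40 192.0.2.12 GET /admin/forum/ - 404
2007-12-20 10:04:00 192.0.2.13 GET /fp2000/NEWSRVR.asp - 200
"""

# URI stem prefix -> (reason, query parameters that make the hit relevant; None = any request)
WATCHED = {
    "/fp2000/newsrvr.asp": ("username disclosure", {"adminname", "adminlevel"}),
    "/hosting/css.asp": ("setup path disclosure", None),
    "/admin/forum/": ("path disclosure in error message", None),
}

LINE_RE = re.compile(r"^(\S+ \S+) (\S+) (\S+) (\S+) (\S+) (\d{3})$")

def parse_line(line):
    """Return a dict for one log line, or None if it does not match the assumed layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, ip, method, stem, query, status = m.groups()
    params = parse_qs(query) if query != "-" else {}
    return {"ts": ts, "ip": ip, "method": method, "stem": stem.lower(),
            "params": {k.lower() for k in params}, "status": int(status)}

def find_hits(log_text):
    """Return (client IP, stem, reason) for every request matching WATCHED."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        for stem, (reason, wanted) in WATCHED.items():
            if not rec["stem"].startswith(stem):
                continue
            if wanted is not None and not (wanted & rec["params"]):
                continue  # endpoint touched, but without the disclosing parameters
            hits.append((rec["ip"], rec["stem"], reason))
    return hits

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(hit)
```

The plain NEWSRVR.asp request without AdminName/AdminLevel is deliberately not reported, so that ordinary use of the page does not drown the alerts.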

Information Disclosure


Related Identifiers

CVE-2007-6502

Affected Products

Hosting Controller