CVE-2003-1282 Information

Description

IBM Net.Data allows remote attackers to obtain sensitive information such as path names server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME) (2) $(DATABASE) (3) $(LOGIN) (4) $(PASSWORD) and possibly other predefined variables that can be echoed back to the user via a web form.

Reference

http://www.iss.net/security_center/static/11016.php http://www.securiteam.com/securitynews/5CP061F8VS.html http://www.securitytracker.com/id?1005890