CVE-2004-2748 Information

Description

viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers to determine the installation path via an invalid profileid parameter which leaks the pathname in an error message.

Reference

http://secunia.com/advisories/10689 http://securityreason.com/securityalert/3354 http://www.osvdb.org/3680 http://www.securityfocus.com/archive/1/350419/30/21610/threaded http://www.securityfocus.com/bid/9460 http://www.securitytracker.com/id?1008799