CVE-2008-6440 Information

Description

Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for \controllers … that aren’t standard helpdesk pages\ possibly involving the (1) /display and (2) /kb URIs.

Reference

http://secunia.com/advisories/30344 http://www.cerb4.com/blog/2008/05/15/important-security-patch-40-build-599/ http://www.securityfocus.com/bid/29335