CVE-2004-2748 - Timber framed Bush

Description

viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers to determine the installation path via an invalid profileid parameter which leaks the pathname in an error message.

Reference

http://www.securityfocus.com/bid/9460 http://www.osvdb.org/3680 http://www.securitytracker.com/id?1008799 http://secunia.com/advisories/10689 http://securityreason.com/securityalert/3354 http://www.securityfocus.com/archive/1/350419/30/21610/threaded