Hello SM,
On Mon, Apr 13, 2015 at 6:07 PM, S Moonesamy <sm+mu_at_elandsys.com> wrote:
>
> There is a possible information disclosure issue affecting govmu.org web
> sites. This may be due to an incorrect configuration of Microsoft
> Sharepoint 2010. The issue is apparent on the National Computer Board web
> site [1] and the web site of the Mauritian National Computer Security
> Incident Response Team ( cert-mu.govmu.org ).
>
Sharepoint configuration is meticulous. It's a Document Sharing Platform,
a Content Management System, along with having various modules such as
built in WiKi, bulletin board etc.
From your screenshot I am to believe you got "write" access under the
directory you were browsing. Is that right? If yes, it's serious. Exposing
a sensitive infrastructure where one could deposit say a "malware" from the
Internet is serious.
Regards,
--
Ish Sookun
- Geek by birth, Linux by choice.
- I blog at HACKLOG.in.
https://twitter.com/IshSookun ^^ Do you tweet?
Received on Tue Apr 14 2015 - 03:37:50 PST