Vulnerability description STEEMPUNK

in #utopian-io7 years ago (edited)

Vulnerability description
Virtual hosting is a method for hosting multiple domain names (with separate handling of each name) on a single server (or pool of servers). This allows one server to share its resources, such as memory and processor cycles, without requiring all services provided to use the same host name.

This web server is responding differently when the Host header is manipulated and various common virtual hosts are tested. This could indicate there is a Virtual Host present.
Affected items
webmail.steempunk.net
The impact of this vulnerability
Possible sensitive information disclosure.

How to fix this vulnerability
Consult the virtual host configuration and check if this virtual host should be publicly accessible.

Web references
Virtual hosting

Browser ; All browser
Operating system; All operating system where you can play STEEMPUNK.

untitled.bmp



Posted on Utopian.io - Rewarding Open Source Contributors

Sort:  

Your contribution cannot be approved because it does not follow the Utopian Rules.

  • I am so much appreciated for your scaning and penetration testing .But it is not belong to the bug scope. Furthermore just leaking the vitual hostname but not the further hacking . But to be honest , this is a excellent finding

You can contact us on Discord.
[utopian-moderator]

okey thank u

Coin Marketplace

STEEM 0.21
TRX 0.25
JST 0.039
BTC 95276.42
ETH 3297.99
USDT 1.00
SBD 3.16