CVE-2004-2353

BugPort before 1.099 stores its configuration file (conf/config.conf) under the web document root with a file extension that is not normally parsed by web servers, which allows remote attackers to obtain sensitive information.

Date published : 2005-08-16

http://www.securityfocus.com/bid/9542

http://www.incogen.com/downloads/bugport/CHANGELOG.txt