SIPS 0.2.2 - User Information Disclosure

Author: dwcgr0up
type: remote
platform: multiple
port: 
date_added: 2003-03-18 
date_updated: 2012-10-31 
verified: 1 
codes: CVE-2003-1553;OSVDB-44056 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/7134/info

It has been reported that authentication is not required to view user account information. As a result, an unauthorized remote attacker may be able to view potentially sensitive information. This may aid in launching further attacks against a target user or system.

http://www.example.com/[sips_directory]/sipssys/users/[first_letter_of_UserID]/