The e-GAP appliance has been reported prone to a source code disclosure vulnerability. It has been reported that, when the affected appliance handles unexpected HTTP requests it may divulge the source code of the login script. The login page is used to build a simple form for collecting and submitting the username and the password to the e-Gap server. The authentication logic is not part of this page and cannot be viewed by the attacker. The information contained in the login page is not typically sensitive.
TRACE / HTTP/1.0