Sensitive Information Disclosure

Disclosed by
Kuldeep_Soni_c1ph3r
Summary by National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program

System owner has removed the file.

Summary by Kuldeep_Soni_c1ph3r

🛰️ NASA Subdomain Disclosed Internal .old File — Minor Info Leak

Date Found: 23 June 2024

Affected Domain: soho.nascom.nasa.gov (NASA)

Leaking Resource: /index.html.old

Severity: Low (P5) — Informational Exposure


📖 Summary

While browsing legacy resources under NASA's SOHO project subdomain, I discovered an exposed .old backup file that contains internal references and system file paths. These types of files are often unintentionally left behind during updates or migrations and remain accessible to the public.

Although this particular file didn’t expose highly sensitive data such as login credentials or PII, it did reveal internal structure, potential data formatting, and directory references. This kind of information could aid an attacker in further reconnaissance or chaining attacks with other vulnerabilities.


🛡️ Why It Matters

Even seemingly harmless .old or backup files may:

  • Help attackers fingerprint internal technologies or directory structure
  • Expose legacy logic or data schemas
  • Serve as reconnaissance for chaining attacks

Best practice: Regularly audit and remove .bak, .old, .swp, and similar files from production environments.


🔬 Reproduction Steps

  1. Open the following URL in any browser:
    Leaking .old file
  2. Review the contents of the page.
  3. View the page source to observe internal file path references and data layout.

🎥 Proof of Concept (PoC)

A recorded screen capture demonstrating the issue has been submitted to the responsible program:

File: Screencast from 2024-06-23 11:57:42.mp4

Size: 10.3 MB


🧩 Classification

  • Bug Type: Sensitive Data Exposure → Disclosure of Secrets → Intentionally Public, Sample, or Invalid
  • Vulnerability Rating Taxonomy (VRT): P5 — Informational
  • Platform: NASA Public Web Application

✅ Takeaway

Don't ignore old files!

Audit your servers for .old, .bak, .tmp, and other leftover development artifacts. Even non-critical data can provide a blueprint for attackers, and sometimes it even leaks sensitive data.
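
The audit recommended in this report, as an added example that is not part of the original report or of NASA's tooling: a Python script that walks a web document root, flags leftover files by suffix, and notes whether the live file each one was copied from is still served beside it. The `.orig` and `~` suffixes, the function names and the sample directory tree are assumptions made for the illustration.

```python
import os
import tempfile

# Suffixes named in this report (.old, .bak, .swp, .tmp); ".orig" and "~" are
# added here as assumptions about other common editor/merge leftovers.
LEFTOVER_SUFFIXES = (".old", ".bak", ".swp", ".tmp", ".orig", "~")


def find_leftovers(web_root):
    """Return sorted (relative_path, live_sibling_exists) for leftover files."""
    findings = []
    for dirpath, _dirs, files in os.walk(web_root):
        present = set(files)
        for name in files:
            lowered = name.lower()  # match .BAK / .Old as well
            suffix = next((s for s in LEFTOVER_SUFFIXES if lowered.endswith(s)), None)
            if suffix is None:
                continue
            # index.html.old -> index.html ; .index.html.swp (vim) -> index.html
            original = name[: -len(suffix)]
            if suffix == ".swp" and original.startswith("."):
                original = original[1:]
            rel = os.path.relpath(os.path.join(dirpath, name), web_root)
            findings.append((rel.replace(os.sep, "/"), original in present))
    return sorted(findings)


def build_sample_root(root):
    """Constructed sample document root, for demonstration only."""
    for rel in ("index.html", "index.html.old", "data/.summary.html.swp",
                "data/summary.html", "data/export.BAK", "css/site.css"):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("placeholder\n")


def demo():
    """Run the audit over the constructed sample tree and return the findings."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_root(root)
        return find_leftovers(root)


if __name__ == "__main__":
    for rel, has_live in demo():
        note = "backup of a live page" if has_live else "orphaned leftover"
        print(f"/{rel}\t{note}")
```

Point `find_leftovers` at the real document root from a deployment or CI job and fail the job on any finding, so leftovers are caught before they are served.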
