Subject: PCCS MySQL DB Admin Tool v1.2.3 - Advisory
From: Steven Vittitoe (bool GTE.NET)
Date: Fri Aug 04 2000 - 15:20:47 CDT
This advisory highlights a weakness in the file structure
of the PCCS MySQL Database Admin Tool
(http://PCCS-Linux.COM/PCCS). This web application can
expose a MySQL administrator’s password.
Problem:
The default install requires you to use a directory that is
web accessible. Under that directory there is a directory
called incs. This directory contains a file called
dbconnect.inc. This file stores common functions, host
names, and the plaintext administrator password. The one good
point is that you are required to manually enter the
password in this directory. But never underestimate the
power of idiots. So, in short, anyone could go to
http://your_site.com/pccsmysqladm/incs/dbconnect.inc and
get the admin’s password. Not to mention they could
administer the database from the web without ever knowing
the password.
Solution:
Secure the directory through your web server. Yes, you
won’t be able to admin the database remotely, but no one
else will be able to either.
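As an added example (not part of the advisory) of the fix above: a POSIX shell check that lists .inc files under a web root whose directory has no Apache .htaccess denying web access, plus a helper that writes such a .htaccess. It assumes Apache with AllowOverride enabled for the directory; the web root and the dbconnect.inc contents in the demo are constructed.

```shell
#!/bin/sh
# Added example: find .inc files an Apache server would serve as-is.
# A directory counts as protected only if its .htaccess carries
# "Require all denied" (Apache 2.4) or "Deny from all" (Apache 2.2).
# Assumes AllowOverride permits these directives in the web root.

# Print each unprotected .inc file under the given web root, one per line.
find_exposed_incs() {
    webroot="$1"
    find "$webroot" -type f -name '*.inc' | while IFS= read -r f; do
        dir=$(dirname "$f")
        if [ -f "$dir/.htaccess" ] && \
           grep -Eiq '^[[:space:]]*(Require all denied|Deny from all)' "$dir/.htaccess"; then
            continue
        fi
        printf '%s\n' "$f"
    done
}

# Write a .htaccess that blocks all web access to the directory,
# with 2.4 syntax and a 2.2 fallback.
protect_dir() {
    cat > "$1/.htaccess" <<'EOF'
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>
EOF
}

# Demo on a constructed web root mirroring the advisory's layout.
demo() {
    root=$(mktemp -d)
    mkdir -p "$root/pccsmysqladm/incs"
    printf '<?php $dbpass = "constructed-example";\n' \
        > "$root/pccsmysqladm/incs/dbconnect.inc"
    echo "Before:"; find_exposed_incs "$root"
    protect_dir "$root/pccsmysqladm/incs"
    echo "After:";  find_exposed_incs "$root"   # prints nothing
    rm -rf "$root"
}
```

Run `demo` to see the check flag the include file and then go quiet once the directory is denied.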
I don’t believe this is a widely used web tool, but
nonetheless it is a problem.