Subject: Re: Subscribe Me CGI Vulnerability
From: CGI Script Center Support (support@cgiscriptcenter.com)
Date: Wed Aug 23 2000 - 12:01:15 CDT
- Next message: Daniel Docekal: "Re: Xato Advisory: FrontPage DOS Device DoS"
- Previous message: John Hennessy: "Authorize.net follow up."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
Thank you for bringing the below problem to our attention. In the
interests of protecting the users of programs, it always helps to know this
information prior to it becoming public, so that those users have time to
upgrade. We have no problem with such problems being disclosed publicly,
other than the obvious security ramifications for users. I hope the
respective tracking companies will consider the ramifications prior to
posting this information.
The below problem was solved with a simple check for an existing password
file in the sub setpwd routine:
    # Added to sub setpwd: refuse to set the password if password.txt already exists
    if (-e "$passfile/password.txt") {
        print "Content-type: text/html\n\n";
        print "Password already exists. Please delete your password file manually if you want to reset your password<BR>";
        exit;
    }
The affected programs have already been fixed and updated, and the new
downloads are already available.
Thanks, once again, for bringing these problems to our attention.
>>
Product: Subscribe Me
Versions: All version numbers, LITE only
Vendor: Notified, http://www.cgiscriptcenter.com/
The Problem:
Once again a remote user can alter the Admin Password for the Subscribe Me
Admin Control Panel. This allows a user to add and remove people from the list
as well as initiate a mailing with a message body of their choice.
Exploit:
See the html attachment included.
Patches:
There should be one shortly after they fix Account Manager :)
n30
n30@alldas.de
<<
CGI Script Center Support
support@cgiscriptcenter.com
-----Original Message-----
From: n30 [mailto:n30@alldas.de]
Sent: Wednesday, August 23, 2000 3:08 PM
To: cgi@elitehost.com; bugtraq@securityfocus.com; gov-boi@hack.co.za; submissions@packetstorm.securify.com; trib@alldas.de
Subject: Subscribe Me CGI Vulnerability
Product: Subscribe Me
Versions: All version numbers, LITE only
Vendor: Notified, http://www.cgiscriptcenter.com/
The Problem:
Once again a remote user can alter the Admin Password for the Subscribe Me
Admin Control Panel. This allows a user to add and remove people from the list
as well as initiate a mailing with a message body of their choice.
Exploit:
See the html attachment included.
Patches:
There should be one shortly after they fix Account Manager :)
n30
n30@alldas.de
- application/x-zip-compressed attachment: sublite20.zip
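The vendor's fix above tests whether password.txt exists and then, elsewhere in setpwd, writes it, which leaves a short window between the check and the write in which a second request could still create the file. The following is an added example, not the vendor's code: a setpwd routine in Perl (the language of the snippet in the reply) that enforces the same "set once" rule atomically by creating the file with O_CREAT|O_EXCL, so the operating system refuses the second creation regardless of timing. The $passfile variable and the password.txt file name follow the vendor's snippet; the $newpw argument, the crypt()-based hashing, the salt construction and the temporary demo directory are assumptions made for this example.

```perl
#!/usr/bin/perl
# Added example (not the vendor's code): a setpwd routine that lets the admin
# password be set only once, and makes that decision atomically.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Temp qw(tempdir);

# Assumed names: $passfile is the directory holding password.txt, as in the
# vendor's snippet; $newpw is the password supplied by whoever sets it first.
# Returns 1 if the password file was created, 0 if one already existed.
sub setpwd {
    my ($passfile, $newpw) = @_;
    my $path = "$passfile/password.txt";

    # O_CREAT|O_EXCL makes creation atomic: if password.txt already exists the
    # open fails, so there is no gap between an existence test and the write
    # for a concurrent request to slip through. Mode 0600 keeps the file
    # readable by the CGI's owner only.
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600)
        or return 0;    # already initialised (or directory not writable): refuse

    # Store a hash rather than the clear-text password. The two-character salt
    # is constructed here for illustration; a real deployment would use a
    # modern password hashing scheme.
    my @chars = ('A' .. 'Z', 'a' .. 'z', '0' .. '9', '.', '/');
    my $salt  = join '', map { $chars[ rand @chars ] } 1 .. 2;
    print $fh crypt($newpw, $salt), "\n";
    close $fh;
    return 1;
}

# Demo against a constructed temporary directory: the first call creates the
# password file, the second is refused because the file now exists.
my $dir = tempdir(CLEANUP => 1);
printf "first  setpwd: %s\n", setpwd($dir, 'initial-secret')  ? 'password set' : 'refused';
printf "second setpwd: %s\n", setpwd($dir, 'second-attempt')  ? 'password set' : 'refused';
```

Run it as a plain script (no web server is needed); it prints "password set" for the first call and "refused" for the second. In a CGI the caller would emit the same "Password already exists" page the vendor's fix prints when setpwd returns 0, and resetting a lost password stays a manual, out-of-band step, which is the behaviour the vendor's reply describes.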