|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Adrian Chung (adrian
enfusion-group.com)Date: Thu Jan 10 2002 - 11:22:02 CST
A major security vulnerability exists in Geeklog 1.3, released on
December 30th, 2001.
When permanent cookies are enabled, as they are in a stock install,
Geeklog stores a user's UID in a cookie upon successful login.
This cookie is subsequently used during future visits to the site to
automatically initiate an authenticated session as the UID in the
cookie.
Modification of the UID in the cookie allows any user to assume the
identity of any other registered user, including the administrative
user.
A bug report was submitted to the author on January 9th, and fixes
were made available shortly after, with instructions on where to
obtain them posted at the Geeklog website (http://www.geeklog.org).
Geeklog is a 'blog', otherwise known as a Weblog. It allows you to
create your own virtual community area, complete with user
administration, story posting, messaging, comments, polls, calendar,
weblinks, and more! It can run on many different operating systems,
and uses PHP4 and MySQL.
-- Adrian Chung (adrian at enfusion-group dot com) http://www.enfusion-group.com/~adrian GPG Fingerprint: C620 C8EA 86BA 79CC 384C E7BE A10C 353B 919D 1A17 [rogue.enfusion-group.com] up 161 days, 4:03, 5 users
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE8Pc26oQw1O5GdGhcRAv8BAKDXEXo3IbnCdyjuhrzBfu+J9BY+5gCfRxOP 2rD7aLVdOK6MA4KAGFc12Ic= =z3ek -----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]