Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: pokleyzz (pokleyzz_at_scan-associates.net)
Date: Sun Jul 28 2002 - 22:19:14 CDT
SCAN Associates Sdn Bhd Security Advisory
Product: dotProject 0.2.1.5 (possibly other)
Vendor URL: http://www.dotmarketing.org/dotproject/
Summary: php dotProject by pass authentication
Author: pokleyzz <pokleyzzscan-associates.net>, sk <skscan-associates.net>,
dotProject is web base project management system .
This application consider as beta version.
Everyone can bypass authentication and login as Admin.
It was rather simple to exploit, user may send a crafted cookie like:
curl -b user_cookie=1 http://server/project/index.php?m=projects
Or simply append user_cookie=1 in any URL:
Vendor has been contacted on 24/7/2002 but no reply.