|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Database Manager Default pass
fireboynet
webmails.com
Date: Tue Jan 31 2006 - 09:27:31 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Tunis the 31/jan/2006
bug found by Fireboy
fireboynetwebmails.com
Product affected:DBMan for Windows and Unix
Product vendor: http://www.gossamer-threads.com
the problem with DBman is default passwords
these are default pass :
admin/admin,author/author,guest/guest
if the admin not change the pass , anyone can access the db and make changes/delete information.
the script of dbman is db.cgi and from that script , malicious action can be done.
fix:
change default passwords
exploit:
google:"Database Manager Demo:"
that's all
thanks
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]