From: Secunia Security Advisories (sec-advsecunia.com)
Date: Tue Jul 27 2004 - 02:19:09 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

TITLE:
Mensajeitor "AdminNick" Administrative User Spoofing Vulnerability

SECUNIA ADVISORY ID:
SA12155

VERIFY ADVISORY:
http://secunia.com/advisories/12155/

CRITICAL:
Less critical

IMPACT:
Spoofing

WHERE:
From remote

SOFTWARE:
Mensajeitor 1.8.x
http://secunia.com/product/3725/

DESCRIPTION:
Jordi Corrales has reported a vulnerability in Mensajeitor, which can
be exploited by malicious users to impersonate administrative users.

The vulnerability is caused due to an authentication error and allows
messages to be posted with administrative privileges e.g. via a
specially crafted form passing the value "si" to the "AdminNick"
variable.

The vulnerability has been reported in version 1.8.9r1 and prior.

SOLUTION:
Edit the source code to ensure that user authentication is conducted
properly.

Use another product.

PROVIDED AND/OR DISCOVERED BY:
Jordi Corrales, Shell Security.

ORIGINAL ADVISORY:
http://www.shellsec.net/leer_advisory.php?id=4

OTHER REFERENCES:
OSVDB:
http://www.osvdb.org/8124

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]