[SA12513] Regulus Multiple Vulnerabilities
From: Secunia Security Advisories (sec-adv at secunia.com)
Date: Tue Sep 14 2004 - 04:22:37 CDT
TITLE:
Regulus Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA12513
VERIFY ADVISORY:
http://secunia.com/advisories/12513/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, Exposure of sensitive information
WHERE:
From remote
SOFTWARE:
Regulus 2.x
http://secunia.com/product/3890/
DESCRIPTION:
masud_libra has reported some vulnerabilities in Regulus, which can
be exploited by malicious people to access sensitive information or
bypass certain security restrictions.
1) Regulus uses an insufficient security check to prevent scripts
from being accessed directly. It is therefore possible to bypass this
check via a specially crafted URL, which may disclose sensitive
information or grant access to restricted resources.
Example:
http://[victim]/base-dir/htmlcust/custchoice.php?lang=English&userid=[username]&action=To see your connections logs
http://[victim]/base-dir/htmlcust/custchoice.php?lang=English&userid=[username]&action=To update your password
2) A problem caused by encrypted passwords being sent in HTML
documents can e.g. be exploited to change the password without
knowing the old password.
3) A vulnerability concerning the password file being reachable
within the web root can be exploited to gain access to usernames and
encrypted passwords.
Example:
http://[victim]/base-dir/access/stafffile
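The following is an added illustration of the defect class in item 2 and its remedy; it is not Regulus code and the advisory does not describe the real handler. It assumes a PDO-backed table users(username, pw_hash), a hypothetical insecure handler that trusts a password hash echoed back from a hidden form field, and a hardened handler that keeps the hash server-side and verifies the old password before changing anything.

```php
<?php
declare(strict_types=1);
// Added example, not Regulus code. Assumes a table users(username, pw_hash)
// and that the caller's identity is kept server-side (e.g. in the session).

// Insecure pattern of the kind described in item 2 (hypothetical): the form
// carried the account's current hash in a hidden field and the handler accepts
// that echoed value as proof, so the old password itself is never required.
function changePasswordInsecure(PDO $db, array $post): bool
{
    $stmt = $db->prepare(
        'UPDATE users SET pw_hash = :new WHERE username = :u AND pw_hash = :old'
    );
    $stmt->execute([
        ':new' => password_hash($post['newpass'], PASSWORD_DEFAULT),
        ':u'   => $post['userid'],   // identity taken from the form
        ':old' => $post['oldhash'],  // "proof" taken from the form
    ]);
    return $stmt->rowCount() === 1;
}

// Hardened handler: the hash never leaves the server, identity comes from the
// session, and the old password is verified against the stored hash first.
function changePasswordSecure(PDO $db, string $sessionUser, string $old, string $new): bool
{
    $stmt = $db->prepare('SELECT pw_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $sessionUser]);
    $stored = $stmt->fetchColumn();
    if ($stored === false || !password_verify($old, $stored)) {
        return false;                // unknown user or wrong old password
    }
    if (strlen($new) < 12) {
        return false;                // minimal length policy; adapt locally
    }
    $upd = $db->prepare('UPDATE users SET pw_hash = :new WHERE username = :u');
    $upd->execute([':new' => password_hash($new, PASSWORD_DEFAULT), ':u' => $sessionUser]);
    return $upd->rowCount() === 1;
}

// Self-contained run on an in-memory SQLite database (constructed sample data).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');
$db->prepare('INSERT INTO users VALUES (:u, :h)')
   ->execute([':u' => 'alice', ':h' => password_hash('correct horse battery', PASSWORD_DEFAULT)]);

// Rejected without the genuine old password, accepted with it.
var_dump(changePasswordSecure($db, 'alice', 'wrong-guess', 'a-much-longer-secret'));
var_dump(changePasswordSecure($db, 'alice', 'correct horse battery', 'a-much-longer-secret'));
```

The same principle addresses item 3: credential material belongs outside the web root and is read by the application, never served by the web server.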
SOLUTION:
Use another product.
PROVIDED AND/OR DISCOVERED BY:
masud_libra
ORIGINAL ADVISORY:
http://www.aosp.net/regulus.htm
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------