lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 20 Dec 2007 10:52:43 +0100
From: "lolo lolo" <lolofon@...il.com>
To: bugtraq@...urityfocus.com
Subject: SiteScape Forum TCL injection

Hi,
I have following advisory for you.
niekt0@...teria.sk

SiteScape Forum TCL injection
================================
discovered by niekt0@...teria.sk

PRODUCT: SiteScape Forum

EXPOSURE: TCL injection

SYNOPSIS
========
By URL modification it is possible to insert TCL code into aplication.
Account on target server is not required.

PROOF OF CONCEPT
================
Make a http request in form of

hxxp://support.sitescape.com/forum/support/dispatch.cgi/0;command

You can now enter commands separated by semicolon
There are some restrictions, but exploitation is possible.

SEE ALSO
========
http://farsite.hill.af.mil/forums/area1/dispatch.cgi/_sdk/help/

WORKAROUND
==========
Upgrade to latest version.

VENDOR RESPONSE
===============
"We have developed, tested, and distributed a fix to our current customer
base via our support site. The patch is available here:

https://support.sitescape.com/forum/support/dispatch.cgi/support/docProfile/
176803/

This URL requires a login. Thank you for alerting us."

NOTICE
======
>From sitescape.com :

"SiteScape's flagship product, SiteScape Forum(R), ...
SiteScape collaborative solutions are currently implemented worldwide
in organizations including the US Navy, US Centers for Disease
Control, the European Space Agency, Lockheed Martin..."
;)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ