| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 31 Aug 2011 13:59:51 -0700 From: Ivan Carlos <icarlos@...rlos.net> To: MustLive <mustlive@...security.com.ua>, "submissions@...ketstormsecurity.org" <submissions@...ketstormsecurity.org>, "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: Re: Vulnerabilities in GlobalWoW C'mon... isn't that (gaming non-licensed server over a patented application) illegal? Reporting vulns on counterfeit applications is useless. Ivan Carlos CISO, Consultant +55 (11) 8112-0666 www.icarlos.net -----Original Message----- From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of MustLive Sent: quarta-feira, 31 de agosto de 2011 17:44 To: submissions@...ketstormsecurity.org; full-disclosure@...ts.grok.org.uk Subject: [Full-disclosure] Vulnerabilities in GlobalWoW Hello list! I want to warn you about Insufficient Anti-automation and Denial of Service vulnerabilities in GlobalWoW. Also GlobalWow can be included in ArcEmu and WOW Emulator Server. This is the last of few advisories which I've made in April 2010. In this advisory I'm continue to inform readers of mailing lists about vulnerable web applications which are using CaptchaSecurityImages.php. ------------------------- Affected products: ------------------------- Vulnerable are GlobalWow 3.0.9 and previous versions (and potentially next versions). Also the next products are affected: ArcEmu and WOW Emulator Server with which GlobalWow can be bundled. I've already wrote last year the recommendations about fixing these issues in another my advisory concerning vulnerable web application with CaptchaSecurityImages.php. As I wrote earlier (http://www.securityfocus.com/archive/1/511023), developers of CaptchaSecurityImages.php fixed this hole at 27.03.2007. So one of the way to fix these issues is to use fixed version of the script or to make appropriate changes in com_bookman's version of the script. ---------- Details: ---------- These are Insufficient Anti-automation and Denial of Service vulnerabilities. The vulnerabilities exist in captcha script CaptchaSecurityImages.php, which is using in this system. I already wrote at my site about vulnerabilities in CaptchaSecurityImages (http://websecurity.com.ua/4043/). Insufficient Anti-automation (WASC-21): http://site/acs/CaptchaSecurityImages.php?width=150&height=100&characters=2 Captcha bypass is possible as via half-automated or automated (with using of OCR) methods, which were mentioned before (http://websecurity.com.ua/4043/), as with using of session reusing with constant captcha bypass method (http://websecurity.com.ua/1551/), which was described in project Month of Bugs in Captchas. DoS (WASC-10): http://site/acs/CaptchaSecurityImages.php?width=1000&height=9000 With setting of large values of width and height it's possible to create large load at the server. ------------ Timeline: ------------ 2010.04.16 - disclosed at my site. 2010.04.17 - informed developers. 2010.04.18 - informed developers on another e-mail. I mentioned about these vulnerabilities at my site (http://websecurity.com.ua/4134/). Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists