Date: Mon, 15 Apr 2013 00:56:49 +0300
From: "MustLive" <mustlive@...security.com.ua>
To: <submissions@...ketstormsecurity.org>, <full-disclosure@...ts.grok.org.uk>, "1337 Exploit DataBase" <mr.inj3ct0r@...il.com>
Subject: Vulnerabilities in AI-Bolit

Hello list!

These are Brute Force and Information Leakage vulnerabilities in AI-Bolit. This is a security web application.

-------------------------
Affected products:
-------------------------

Vulnerable are all versions of AI-Bolit. In version 20121014 the filename format was changed (by adding date and time), which is not enough to protect from guessing, as I stated to the developer. He promised to fix these vulnerabilities. After my recommendations, in version 20130201 the developer added protection against Information Leakage (forbade indexing of reports by search engines and added a random number to the filename). But the software is still vulnerable to Brute Force.

----------
Details:
----------

Brute Force (WASC-11):

http://site/ai-bolit.php?p=1

Information Leakage (WASC-13):

http://site/AI-BOLIT-REPORT.html
http://site/AI-BOLIT-REPORT-<date>-<time>.html (since version 20121014)

Leakage of reports with stats and FPD. Also these reports are indexed by search engines. If backdoors on the site are mentioned in the report, then after getting access to the report it's possible to learn about the backdoors and hack the web site using them.

------------
Timeline:
------------

2013.01.22 - announced at my site.
2013.01.22 - informed developer about vulnerabilities.
2013.02.01 - developer released new version with protection against Information Leakage.
2013.04.13 - disclosed at my site (http://websecurity.com.ua/6271/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
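The core of the Brute Force finding is that a report name built from the date and time (with or without a short random number) has a small guess space, while a name built from a CSPRNG token does not. The following is an added illustration, not AI-Bolit's own code: it assumes a date/time layout resembling the one reported (the tool's exact format is not given on the page), and shows the predictable scheme next to an unpredictable one, with the entropy each scheme offers and the response headers that keep such reports out of search engine indexes.

```python
import math
import re
import secrets
from datetime import datetime

REPORT_PREFIX = "AI-BOLIT-REPORT"  # name stem from the advisory


def timestamped_report_name(when: datetime) -> str:
    """Predictable scheme: prefix plus date and time of the scan.
    Assumed layout (YYYYMMDD-HHMMSS); the advisory only says <date>-<time>."""
    return f"{REPORT_PREFIX}-{when:%Y%m%d}-{when:%H%M%S}.html"


def random_report_name(nbytes: int = 16) -> str:
    """Unpredictable scheme: 8*nbytes bits from the OS CSPRNG, no date or
    time component, so the name cannot be narrowed down from scan timing."""
    return f"{REPORT_PREFIX}-{secrets.token_hex(nbytes)}.html"


def is_random_report_name(name: str, nbytes: int = 16) -> bool:
    """Check that a name follows the random scheme (used for validation and tests)."""
    return re.fullmatch(rf"{REPORT_PREFIX}-[0-9a-f]{{{2 * nbytes}}}\.html", name) is not None


def entropy_bits(scheme: str, **params) -> float:
    """Bits of uncertainty an outsider faces for each naming scheme.
    datetime: one candidate per second over a window of `days` days.
    datetime_plus_number: the same window times 10**`digits` for a short
    decimal suffix (the kind of fix the advisory says was not enough).
    token: `nbytes` bytes from a CSPRNG."""
    if scheme == "datetime":
        return math.log2(params["days"] * 86400)
    if scheme == "datetime_plus_number":
        return math.log2(params["days"] * 86400) + params["digits"] * math.log2(10)
    if scheme == "token":
        return 8.0 * params["nbytes"]
    raise ValueError(f"unknown scheme: {scheme}")


def report_response_headers() -> dict:
    """Headers to send with a report so crawlers do not index or cache it;
    complements, but does not replace, an unguessable name and access control."""
    return {"X-Robots-Tag": "noindex, nofollow, noarchive", "Cache-Control": "no-store"}
```

The headers keep a report out of search results, but only the token-based name (or, better, authentication in front of the report) removes the guessing risk.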