lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 28 Nov 2017 12:35:48 +0100
From: "oric one" <oric-1@....com>
To: jericho <jericho@...rition.org>
Cc: Full Disclosure <fulldisclosure@...lists.org>
Subject: Re: [FD] CSC-Cart RCE - CVE-2017-15673

1. Yes, it should have been cs-cart. This was a sloppy and stupid mistake. 

2. I believe I do and I believe my intended mail gave full disclosure. It appears though that the mail body may not have been sent. The contents taken from my sent messages says: 


**** Summary 

CS Cart is a PHP based shopping cart software, which is hosted either locally or by the company cs-cart company. It has a vulnerability in the administration section, which allows full remote code execution on the server. 

This has been allocated CVE-2017-15673 

**** Vendor of Product 
cs-cart.com 



**** Affected Product Code Base 
CS-Cart - 4.6.2 and Some Previous 



**** Attack Vectors 

A custom page can be created as part of the files function in the 
administration section. It is possible to give this page a .php 
filetype and fill it with valid PHP code. This can then be saved in a 
location which allows the pages to be executed as PHP, therefore 
gaining access to the whole server. 


Unless you suggest otherwise I will correct the header, remove the asterisks and ensure it is sent as text only.

Thanks

> Sent: Saturday, November 25, 2017 at 4:13 AM
> From: jericho <jericho@...rition.org>
> To: "oric one" <oric-1@....com>
> Cc: "Full Disclosure" <fulldisclosure@...lists.org>
> Subject: re: CSC-Cart RCE - CVE-2017-15673
>
> 1. Do you mean CS-Cart? 2. Do you understand what 'full disclosure' means? - jericho

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ