| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030320033303.7159.qmail@www.securityfocus.com> Date: 20 Mar 2003 03:33:03 -0000 From: subj <r2subj3ct@...lan.org> To: bugtraq@...urityfocus.com Subject: SimpleChat Product : SimpleChat! Version : 1.3 WebSite : http://hot-things.net Problem : Private info viewing Description: ------------ In a directory /data/ the file containing the information on users of a chat lays (taking place in a chat at present), to which any interested person can receive access. The file looks approximately so: 1048102503: |:127.0.0.1: |:subj: |:w1 1048102799: |:127.0.0.1: |:clark: |:w2 In the given situation we receive IP the user. Exploit: -------- http://[somehost]/chat/data/usr Link: ----- www.dwcgr0up.com Fixs: ----- U can finf all our fix on our homepage [www.dwcgroup.com] Thanks: ------- GipsHack : DHGroup : EXploit.ru : p0is0n : de1irium Contact: -------- r2subj3ct@...lan.org irc.dwcgr0up.biz @ #dwc
Powered by blists - more mailing lists